Skip to content

Commit 69af8ed

Browse files
committed
Address copilot feedback
1 parent b4d73d0 commit 69af8ed

2 files changed

Lines changed: 21 additions & 5 deletions

File tree

wolfcrypt/src/ecc.c

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -10993,11 +10993,13 @@ static int _ecc_import_x963_ex2(const byte* in, word32 inLen, ecc_key* key,
1099310993
#endif
1099410994

1099510995
/* determine key size */
10996-
keysize = (int)(inLen>>1);
10997-
/* NOTE: FIPS v6.0.0 or greater, no restriction on imported keys, only
10998-
* on created keys or signatures */
10999-
err = wc_ecc_set_curve(key, keysize, curve_id);
11000-
key->type = ECC_PUBLICKEY;
10996+
if (err == MP_OKAY) {
10997+
keysize = (int)(inLen>>1);
10998+
/* NOTE: FIPS v6.0.0 or greater, no restriction on imported keys,
10999+
* only on created keys or signatures */
11000+
err = wc_ecc_set_curve(key, keysize, curve_id);
11001+
key->type = ECC_PUBLICKEY;
11002+
}
1100111003
}
1100211004

1100311005
/* read data */

wolfcrypt/src/kdf.c

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -238,6 +238,13 @@ int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret,
238238
WC_DECLARE_VAR(sha_result, byte, MAX_PRF_DIG, heap); /* digLen is real size */
239239
WC_DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap);
240240

241+
if ((digest == NULL && digLen != 0) ||
242+
(secret == NULL && secLen != 0) ||
243+
(label == NULL && labLen != 0) ||
244+
(seed == NULL && seedLen != 0)) {
245+
return BAD_FUNC_ARG;
246+
}
247+
241248
/* labLen + seedLen is checked with subtraction to avoid word32 wraparound
242249
* (the labLen bound first ensures MAX_PRF_LABSEED - labLen cannot
243250
* underflow). */
@@ -293,6 +300,13 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
293300
{
294301
int ret = 0;
295302

303+
if ((digest == NULL && digLen != 0) ||
304+
(secret == NULL && secLen != 0) ||
305+
(label == NULL && labLen != 0) ||
306+
(seed == NULL && seedLen != 0)) {
307+
return BAD_FUNC_ARG;
308+
}
309+
296310
#ifdef WOLFSSL_DEBUG_TLS
297311
WOLFSSL_MSG(" secret");
298312
WOLFSSL_BUFFER(secret, secLen);

0 commit comments

Comments
 (0)