Skip to content

Commit cb5d209

Browse files
committed
Address copilot feedback
1 parent 8961b60 commit cb5d209

2 files changed

Lines changed: 21 additions & 5 deletions

File tree

wolfcrypt/src/ecc.c

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -10991,11 +10991,13 @@ static int _ecc_import_x963_ex2(const byte* in, word32 inLen, ecc_key* key,
1099110991
#endif
1099210992

1099310993
/* determine key size */
10994-
keysize = (int)(inLen>>1);
10995-
/* NOTE: FIPS v6.0.0 or greater, no restriction on imported keys, only
10996-
* on created keys or signatures */
10997-
err = wc_ecc_set_curve(key, keysize, curve_id);
10998-
key->type = ECC_PUBLICKEY;
10994+
if (err == MP_OKAY) {
10995+
keysize = (int)(inLen>>1);
10996+
/* NOTE: FIPS v6.0.0 or greater, no restriction on imported keys,
10997+
* only on created keys or signatures */
10998+
err = wc_ecc_set_curve(key, keysize, curve_id);
10999+
key->type = ECC_PUBLICKEY;
11000+
}
1099911001
}
1100011002

1100111003
/* read data */

wolfcrypt/src/kdf.c

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -236,6 +236,13 @@ int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret,
236236
WC_DECLARE_VAR(sha_result, byte, MAX_PRF_DIG, heap); /* digLen is real size */
237237
WC_DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap);
238238

239+
if ((digest == NULL && digLen != 0) ||
240+
(secret == NULL && secLen != 0) ||
241+
(label == NULL && labLen != 0) ||
242+
(seed == NULL && seedLen != 0)) {
243+
return BAD_FUNC_ARG;
244+
}
245+
239246
/* labLen + seedLen is checked with subtraction to avoid word32 wraparound
240247
* (the labLen bound first ensures MAX_PRF_LABSEED - labLen cannot
241248
* underflow). */
@@ -291,6 +298,13 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
291298
{
292299
int ret = 0;
293300

301+
if ((digest == NULL && digLen != 0) ||
302+
(secret == NULL && secLen != 0) ||
303+
(label == NULL && labLen != 0) ||
304+
(seed == NULL && seedLen != 0)) {
305+
return BAD_FUNC_ARG;
306+
}
307+
294308
#ifdef WOLFSSL_DEBUG_TLS
295309
WOLFSSL_MSG(" secret");
296310
WOLFSSL_BUFFER(secret, secLen);

0 commit comments

Comments
 (0)