
Commit bdeb7e5

committed
fix XFWRITE called with negative size
1 parent b14b75a commit bdeb7e5

3 files changed

Lines changed: 40 additions & 10 deletions


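--- a/src/sign-verify/clu_sign.c
+++ b/src/sign-verify/clu_sign.c
@@ -729,6 +729,16 @@ int wolfCLU_sign_data_dilithium (byte* data, char* out, word32 dataSz, char* pri
 else {
 XFILE outFile;
 outFile = XFOPEN(out, "wb");
+if (outFile == NULL) {
+wolfCLU_LogError("Failed to open output file %s", out);
+XFREE(outBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+wc_FreeRng(&rng);
+wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+return BAD_FUNC_ARG;
+}
 XFWRITE(outBuf, 1, outBufSz, outFile);
 XFCLOSE(outFile);
 }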
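Review bot: The result of `XFWRITE(outBuf, 1, outBufSz, outFile)` at new line 742 is still ignored, so a short or failed write leaves a truncated signature file on disk while the function carries on as if signing succeeded; the same holds for `XFWRITE(outBuf, 1, ret, s)` at new line 448 of clu_verify.c. Comparing the return value with the requested size, e.g. `if (XFWRITE(outBuf, 1, outBufSz, outFile) != (size_t)outBufSz)`, then logging and setting the function's error value on a mismatch, would close that gap. The new early return also repeats the cleanup calls inline; wolfCLU_sign_data_dilithium begins and ends outside the hunk, so whether a shared exit path could be used instead is not visible here.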

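--- a/src/sign-verify/clu_verify.c
+++ b/src/sign-verify/clu_verify.c
@@ -438,14 +438,16 @@ int wolfCLU_verify_signature_rsa(byte* sig, char* out, int sigSz, char* keyPath,
 }
 
 /* write the output to the specified file */
-XFILE s = XFOPEN(out, "wb");
-if (s == NULL) {
-wolfCLU_LogError("Unable to open file %s", out);
-ret = BAD_FUNC_ARG;
-}
-else {
-XFWRITE(outBuf, 1, ret, s);
-XFCLOSE(s);
+if (ret > 0) {
+XFILE s = XFOPEN(out, "wb");
+if (s == NULL) {
+wolfCLU_LogError("Unable to open file %s", out);
+ret = BAD_FUNC_ARG;
+}
+else {
+XFWRITE(outBuf, 1, ret, s);
+XFCLOSE(s);
+}
 }
 }
 
@@ -954,7 +956,7 @@ int wolfCLU_verify_signature_xmss(byte* sig, int sigSz,
 for (int i = 0; i < XMSS_OID_LEN; i++) {
 oid = (oid << 8) | keyBuf[i];
 }
-
+
 switch (oid) {
 case WC_XMSS_OID_SHA2_10_256:
 XMEMCPY(paramStr, "XMSS-SHA2_10_256\0", paramLen);
@@ -1109,7 +1111,7 @@ int wolfCLU_verify_signature_xmssmt(byte* sig, int sigSz,
 for (int i = 0; i < XMSS_OID_LEN; i++) {
 oid = (oid << 8) | keyBuf[i];
 }
-
+
 switch (oid) {
 case WC_XMSSMT_OID_SHA2_20_2_256:
 XMEMCPY(paramStr, "XMSSMT-SHA2_20/2_256\0\0", paramLen);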
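Review bot: The guard `if (ret > 0)` added at new line 441 in wolfCLU_verify_signature_rsa carries no comment explaining that `ret` serves both as an error code and as the byte count handed to XFWRITE, which is the reason the guard exists. A short comment such as `/* ret <= 0: verify failed or produced no data, so no output file is created */` would keep a later edit from moving the XFOPEN back outside the check. The `ret == 0` case now skips the write without any log line; the function continues outside the hunk, so whether that case is later reported as a failure cannot be confirmed from here.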

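--- a/tests/genkey_sign_ver/genkey-sign-ver-test.sh
+++ b/tests/genkey_sign_ver/genkey-sign-ver-test.sh
@@ -176,6 +176,16 @@ DERPEMRAW="der"
 VERIFYOUTNAME="rsa-sigout"
 gen_key_sign_ver_test ${ALGORITHM} ${KEYFILENAME} ${SIGOUTNAME} ${DERPEMRAW} ${VERIFYOUTNAME}
 
+# A verify with invalid signature must fail gracefully.
+./wolfssl -rsa -verify -inkey rsakey.pub -inform der \
+-sigfile sign-this.txt -in sign-this.txt \
+-out rsa_badverify_out.txt -pubin
+RESULT=$?
+[ $RESULT -eq 0 ] && \
+printf '%s\n' "RSA verify with invalid sig should have failed" && exit 99
+[ -f rsa_badverify_out.txt ] && \
+printf '%s\n' "RSA verify with invalid sig: output file must not be created" && exit 99
+
 # Regression test: -exponent value must not overwrite -size (was stored in
 # sizeArg instead of expArg, corrupting the key size).
 ./wolfssl -genkey rsa -size 2048 -exponent 65537 -out rsakey_exp \
@@ -227,6 +237,14 @@ for level in 2 3 5
 do
 gen_key_sign_ver_test ${ALGORITHM} ${KEYFILENAME} ${SIGOUTNAME} ${DERPEMRAW} ${level}
 done
+
+# Dilithium sign to an unwritable path must fail gracefully
+./wolfssl -genkey dilithium -level 2 -out mldsakey -outform der -output keypair
+./wolfssl -dilithium -sign -inkey mldsakey.priv -inform der \
+-in sign-this.txt -out /nonexistent_dir/mldsa_bad.sig
+RESULT=$?
+[ $RESULT -eq 0 ] && \
+printf '%s\n' "dilithium sign to invalid path should have failed" && exit 99
 fi
 
 # Check if xmss is availabe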
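Review bot: Both new tests accept any non-zero exit status, so a crash counts as a pass: in the dilithium case at new lines 243-247, a binary killed by a signal (status 128 or above) after writing through a NULL file handle would still make `[ $RESULT -eq 0 ]` false, which is probably how the unfixed code behaved. Rejecting signal exits as well, e.g. `{ [ $RESULT -eq 0 ] || [ $RESULT -ge 128 ]; } && \`, would make "fail gracefully" something the test actually checks. The RSA case should also run `rm -f rsa_badverify_out.txt` before the verify, since a file left over from an earlier run makes the `[ -f rsa_badverify_out.txt ]` check fail spuriously. The exit status of the `-genkey dilithium` step is not checked either, so a key generation failure would let the sign step fail for the wrong reason and the test would still pass.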
