Skip to content

Commit d396afb

Browse files
padelsbachpadelsbach
committed
Add length checks in client keywrap request functions
1 parent 80f0133 commit d396afb

1 file changed

Lines changed: 21 additions & 0 deletions

File tree

src/wh_client_keywrap.c

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,10 @@ int wh_Client_KeyWrapRequest(whClientContext* ctx,
2626
return WH_ERROR_BADARGS;
2727
}
2828

29+
if (keySz == 0 || keySz > WOLFHSM_CFG_KEYWRAP_MAX_KEY_SIZE) {
30+
return WH_ERROR_BADARGS;
31+
}
32+
2933
/* Set the request pointer to the shared comm data memory region */
3034
req =
3135
(whMessageKeystore_KeyWrapRequest*)wh_CommClient_GetDataPtr(ctx->comm);
@@ -139,6 +143,10 @@ int wh_Client_KeyUnwrapAndExportRequest(whClientContext* ctx,
139143
return WH_ERROR_BADARGS;
140144
}
141145

146+
if (wrappedKeySz == 0 || wrappedKeySz > WOLFHSM_CFG_KEYWRAP_MAX_KEY_SIZE) {
147+
return WH_ERROR_BADARGS;
148+
}
149+
142150
/* Set the request pointer to the shared comm data memory region */
143151
req =
144152
(whMessageKeystore_KeyUnwrapAndExportRequest*)wh_CommClient_GetDataPtr(
@@ -256,6 +264,10 @@ int wh_Client_KeyUnwrapAndCacheRequest(whClientContext* ctx,
256264
if (ctx == NULL || wrappedKeyIn == NULL)
257265
return WH_ERROR_BADARGS;
258266

267+
if (wrappedKeySz == 0 || wrappedKeySz > WOLFHSM_CFG_KEYWRAP_MAX_KEY_SIZE) {
268+
return WH_ERROR_BADARGS;
269+
}
270+
259271
/* Set the request pointer to the shared comm data memory region */
260272
req = (whMessageKeystore_KeyUnwrapAndCacheRequest*)wh_CommClient_GetDataPtr(
261273
ctx->comm);
@@ -357,6 +369,10 @@ int wh_Client_DataWrapRequest(whClientContext* ctx,
357369
return WH_ERROR_BADARGS;
358370
}
359371

372+
if (dataInSz == 0 || dataInSz > WOLFHSM_CFG_KEYWRAP_MAX_DATA_SIZE) {
373+
return WH_ERROR_BADARGS;
374+
}
375+
360376
/* Set the request pointer to the shared comm data memory region */
361377
req =
362378
(whMessageKeystore_DataWrapRequest*)wh_CommClient_GetDataPtr(ctx->comm);
@@ -465,6 +481,11 @@ int wh_Client_DataUnwrapRequest(whClientContext* ctx,
465481
return WH_ERROR_BADARGS;
466482
}
467483

484+
if (wrappedDataInSz == 0 ||
485+
wrappedDataInSz > WOLFHSM_CFG_KEYWRAP_MAX_DATA_SIZE) {
486+
return WH_ERROR_BADARGS;
487+
}
488+
468489
/* Set the request pointer to the shared comm data memory region */
469490
req = (whMessageKeystore_DataUnwrapRequest*)wh_CommClient_GetDataPtr(
470491
ctx->comm);

0 commit comments

Comments
 (0)