Use size_t in wolfSSL_strnstr and reject negative indices in mp_get_digit

padelsbach · padelsbach · commit 6f7e5d030b1e · 2026-04-10T10:48:17.000-07:00
diff --git a/src/conf.c b/src/conf.c
@@ -90,7 +90,7 @@ WOLFSSL_TXT_DB *wolfSSL_TXT_DB_read(WOLFSSL_BIO *in, int num)
         char** fieldPtr = NULL;
         int fieldPtrIdx = 0;
         char* fieldCheckIdx = NULL;
-        lineEnd = XSTRNSTR(idx, "\n", (unsigned int)(bufEnd - idx));
+        lineEnd = XSTRNSTR(idx, "\n", (size_t)(bufEnd - idx));
         if (!lineEnd)
             lineEnd = bufEnd;
         if (idx == lineEnd) /* empty line */
@@ -852,11 +852,11 @@ int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline)
     idx = buf;
     bufEnd = buf + bufLen;
     while (idx < bufEnd) {
-        char* lineEnd = XSTRNSTR(idx, "\n", (unsigned int)(bufEnd - idx));
+        char* lineEnd = XSTRNSTR(idx, "\n", (size_t)(bufEnd - idx));
         char* maxIdx;
         if (!lineEnd)
             lineEnd = bufEnd; /* Last line in file */
-        maxIdx = XSTRNSTR(idx, "#", (unsigned int)(lineEnd - idx));
+        maxIdx = XSTRNSTR(idx, "#", (size_t)(lineEnd - idx));
         if (!maxIdx)
             maxIdx = lineEnd;
         line++;
diff --git a/src/ssl_load.c b/src/ssl_load.c
@@ -2677,21 +2677,21 @@ int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format, int type,
 
         /* Look for CA header and footer - same as CERT_TYPE. */
         if (wc_PemGetHeaderFooter(CA_TYPE, &header, &footer) == 0 &&
-                (XSTRNSTR((char*)content.buffer, header, (word32)sz) != NULL)) {
+                (XSTRNSTR((char*)content.buffer, header, sz) != NULL)) {
             type = CA_TYPE;
             WOLFSSL_MSG_CERT_LOG_EX("Detected cert type CA_TYPE = %d:", type);
         }
 #ifdef HAVE_CRL
         /* Look for CRL header and footer. */
         else if (wc_PemGetHeaderFooter(CRL_TYPE, &header, &footer) == 0 &&
-                (XSTRNSTR((char*)content.buffer, header, (word32)sz) != NULL)) {
+                (XSTRNSTR((char*)content.buffer, header, sz) != NULL)) {
             type = CRL_TYPE;
             WOLFSSL_MSG_CERT_LOG_EX("Detected cert type CRL_TYPE = %d:", type);
         }
 #endif
         /* Look for cert header and footer - same as CA_TYPE. */
         else if (wc_PemGetHeaderFooter(CERT_TYPE, &header, &footer) == 0 &&
-                (XSTRNSTR((char*)content.buffer, header, (word32)sz) !=
+                (XSTRNSTR((char*)content.buffer, header, sz) !=
                     NULL)) {
             type = CERT_TYPE;
             WOLFSSL_MSG_CERT_LOG_EX("Detected cert type CERT_TYPE = %d:", type);
diff --git a/src/x509.c b/src/x509.c
@@ -8348,7 +8348,7 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup,
     do {
         /* get PEM header and footer based on type */
         if (wc_PemGetHeaderFooter(CRL_TYPE, &header, &footer) == 0 &&
-                XSTRNSTR((char*)curr, header, (unsigned int)sz) != NULL) {
+                XSTRNSTR((char*)curr, header, sz) != NULL) {
 #ifdef HAVE_CRL
             WOLFSSL_CERT_MANAGER* cm = lookup->store->cm;
 
@@ -8365,15 +8365,15 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup,
             if (ret != WOLFSSL_SUCCESS)
                 goto end;
 #endif
-            curr = (byte*)XSTRNSTR((char*)curr, footer, (unsigned int)sz);
+            curr = (byte*)XSTRNSTR((char*)curr, footer, sz);
         }
         else if (wc_PemGetHeaderFooter(CERT_TYPE, &header, &footer) == 0 &&
-                XSTRNSTR((char*)curr, header, (unsigned int)sz) != NULL) {
+                XSTRNSTR((char*)curr, header, sz) != NULL) {
             ret = X509StoreLoadCertBuffer(lookup->store, curr,
                                         (word32)sz, WOLFSSL_FILETYPE_PEM);
             if (ret != WOLFSSL_SUCCESS)
                 goto end;
-            curr = (byte*)XSTRNSTR((char*)curr, footer, (unsigned int)sz);
+            curr = (byte*)XSTRNSTR((char*)curr, footer, sz);
         }
         else
             goto end;
@@ -13765,13 +13765,12 @@ int wolfSSL_write_X509_CRL(WOLFSSL_X509_CRL* crl, const char* path, int type)
         while (i < l && wolfSSL_BIO_read(bio, &pem[i], 1) == 1) {
             i++;
             if (!header) {
-                header = XSTRNSTR(pem, "-----BEGIN ", (unsigned int)i);
+                header = XSTRNSTR(pem, "-----BEGIN ", i);
             }
             else if (!headerEnd) {
                 headerEnd = XSTRNSTR(header + XSTR_SIZEOF("-----BEGIN "),
                         "-----",
-                        (unsigned int)
-                        (i - (header + XSTR_SIZEOF("-----BEGIN ") - pem)));
+                        i - (header + XSTR_SIZEOF("-----BEGIN ") - pem));
                 if (headerEnd) {
                     headerEnd += XSTR_SIZEOF("-----");
                     /* Read in the newline */
@@ -13788,12 +13787,12 @@ int wolfSSL_write_X509_CRL(WOLFSSL_X509_CRL* crl, const char* path, int type)
             }
             else if (!footer) {
                 footer = XSTRNSTR(headerEnd, "-----END ",
-                        (unsigned int)(i - (headerEnd - pem)));
+                        i - (headerEnd - pem));
             }
             else if (!footerEnd) {
                 footerEnd = XSTRNSTR(footer + XSTR_SIZEOF("-----"),
-                        "-----", (unsigned int)(i -
-                            (footer + XSTR_SIZEOF("-----") - pem)));
+                        "-----",
+                        i - (footer + XSTR_SIZEOF("-----") - pem));
                 if (footerEnd) {
                     footerEnd += XSTR_SIZEOF("-----");
                     /* Now check that footer matches header */
diff --git a/src/x509_str.c b/src/x509_str.c
@@ -1737,7 +1737,7 @@ static int X509StoreReadFile(const char *fname,
 #ifdef HAVE_CRL
         /* Look for CRL header and footer. */
         if (wc_PemGetHeaderFooter(CRL_TYPE, &header, &footer) == 0 &&
-                (XSTRNSTR((char*)content->buffer, header, (word32)sz) !=
+                (XSTRNSTR((char*)content->buffer, header, sz) !=
                     NULL)) {
             *type = CRL_TYPE;
         }
diff --git a/tests/api/test_wolfmath.c b/tests/api/test_wolfmath.c
@@ -70,6 +70,11 @@ int test_mp_get_digit(void)
     ExpectIntEQ(mp_get_digit(NULL, n), 0);
     ExpectIntEQ(mp_get_digit(&a, n), 0);
 
+    /* negative index must return 0, not index out of bounds */
+    ExpectIntEQ(mp_get_digit(&a, -1), 0);
+    ExpectIntEQ(mp_get_digit(&a, -100), 0);
+    ExpectIntEQ(mp_get_digit(NULL, -1), 0);
+
     mp_clear(&a);
 #endif
     return EXPECT_RESULT();
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
@@ -24072,8 +24072,8 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
 #endif /* WOLFSSL_ENCRYPTED_KEYS */
 
     /* find footer */
-    footerEnd = XSTRNSTR(headerEnd, footer, (unsigned int)((const char*)buff +
-        sz - headerEnd));
+    footerEnd = XSTRNSTR(headerEnd, footer,
+        (size_t)((const char*)buff + sz - headerEnd));
     if (!footerEnd) {
         if (info)
             info->consumed = longSz; /* No more certs if no footer */
diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c
@@ -4265,9 +4265,9 @@ time_t stm32_hal_time(time_t *t1)
 
 #if (!defined(WOLFSSL_LEANPSK) && !defined(STRING_USER)) || \
     defined(USE_WOLF_STRNSTR)
-char* wolfSSL_strnstr(const char* s1, const char* s2, unsigned int n)
+char* wolfSSL_strnstr(const char* s1, const char* s2, size_t n)
 {
-    unsigned int s2_len = (unsigned int)XSTRLEN(s2);
+    size_t s2_len = XSTRLEN(s2);
 
     if (s2_len == 0)
         return (char *)(wc_ptr_t)s1;
diff --git a/wolfcrypt/src/wolfmath.c b/wolfcrypt/src/wolfmath.c
@@ -98,10 +98,10 @@ int mp_get_digit_count(const mp_int* a)
 
 mp_digit mp_get_digit(const mp_int* a, int n)
 {
-    if (a == NULL)
+    if (a == NULL || n < 0)
         return 0;
 
-    return (n < 0 || (unsigned int)n >= (unsigned int)a->used) ? 0 : a->dp[n];
+    return ((unsigned int)n >= (unsigned int)a->used) ? 0 : a->dp[n];
 }
 
 #if defined(HAVE_ECC) || defined(WOLFSSL_MP_COND_COPY)
diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h
@@ -1727,7 +1727,8 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
 
 #if (!defined(WOLFSSL_LEANPSK) && !defined(STRING_USER)) || \
     defined(USE_WOLF_STRNSTR)
-    WOLFSSL_TEST_VIS char* wolfSSL_strnstr(const char* s1, const char* s2, unsigned int n);
+    #include <stddef.h> /* for size_t */
+    WOLFSSL_TEST_VIS char* wolfSSL_strnstr(const char* s1, const char* s2, size_t n);
 #endif
 
 #ifndef FILE_BUFFER_SIZE

Original file line number	Diff line number	Diff line change
`@@ -1737,7 +1737,7 @@ static int X509StoreReadFile(const char *fname,`
`1737`	`1737`	`#ifdef HAVE_CRL`
`1738`	`1738`	`/* Look for CRL header and footer. */`
`1739`	`1739`	`if (wc_PemGetHeaderFooter(CRL_TYPE, &header, &footer) == 0 &&`
`1740`		`- (XSTRNSTR((char*)content->buffer, header, (word32)sz) !=`
	`1740`	`+ (XSTRNSTR((char*)content->buffer, header, sz) !=`
`1741`	`1741`	`NULL)) {`
`1742`	`1742`	`*type = CRL_TYPE;`
`1743`	`1743`	`}`
Original file line number	Diff line number	Diff line change
`@@ -98,10 +98,10 @@ int mp_get_digit_count(const mp_int* a)`
`98`	`98`
`99`	`99`	`mp_digit mp_get_digit(const mp_int* a, int n)`
`100`	`100`	`{`
`101`		`- if (a == NULL)`
	`101`	`+ if (a == NULL \|\| n < 0)`
`102`	`102`	`return 0;`
`103`	`103`
`104`		`- return (n < 0 \|\| (unsigned int)n >= (unsigned int)a->used) ? 0 : a->dp[n];`
	`104`	`+ return ((unsigned int)n >= (unsigned int)a->used) ? 0 : a->dp[n];`
`105`	`105`	`}`
`106`	`106`
`107`	`107`	`#if defined(HAVE_ECC) \|\| defined(WOLFSSL_MP_COND_COPY)`