Skip to content

Commit f8c968d

Browse files
author
Andras Fekete
committed
Fix possible memory overrun
1 parent 3875a18 commit f8c968d

1 file changed

Lines changed: 10 additions & 5 deletions

File tree

wolfcrypt/test/test.c

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -18501,11 +18501,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certext_test(void)
1850118501
return WC_TEST_RET_ENC_EC(ret);
1850218502

1850318503
/* check the SKID from a RSA certificate */
18504-
if (XMEMCMP(skid_rsa, cert.extSubjKeyId, sizeof(cert.extSubjKeyId)))
18504+
if ((sizeof(skid_rsa) - 1 != cert.extSubjKeyIdSz) ||
18505+
(XMEMCMP(skid_rsa, cert.extSubjKeyId, cert.extSubjKeyIdSz)))
1850518506
return WC_TEST_RET_ENC_NC;
1850618507

1850718508
/* check the AKID from an RSA certificate */
18508-
if (XMEMCMP(akid_rsa, cert.extAuthKeyId, sizeof(cert.extAuthKeyId)))
18509+
if ((sizeof(akid_rsa) - 1 != cert.extAuthKeyIdSz) ||
18510+
(XMEMCMP(akid_rsa, cert.extAuthKeyId, cert.extAuthKeyIdSz)))
1850918511
return WC_TEST_RET_ENC_NC;
1851018512

1851118513
/* check the Key Usage from an RSA certificate */
@@ -18552,7 +18554,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certext_test(void)
1855218554
/* check the SKID from a ECC certificate - generated dynamically */
1855318555

1855418556
/* check the AKID from an ECC certificate */
18555-
if (XMEMCMP(akid_ecc, cert.extAuthKeyId, sizeof(cert.extAuthKeyId)))
18557+
if ((sizeof(akid_ecc) - 1 != cert.extAuthKeyIdSz) ||
18558+
(XMEMCMP(akid_ecc, cert.extAuthKeyId, cert.extAuthKeyIdSz)))
1855618559
return WC_TEST_RET_ENC_NC;
1855718560

1855818561
/* check the Key Usage from an ECC certificate */
@@ -18600,11 +18603,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certext_test(void)
1860018603
return WC_TEST_RET_ENC_EC(ret);
1860118604

1860218605
/* check the SKID from a CA certificate */
18603-
if (XMEMCMP(kid_ca, cert.extSubjKeyId, sizeof(cert.extSubjKeyId)))
18606+
if ((sizeof(kid_ca) - 1 != cert.extSubjKeyIdSz) ||
18607+
(XMEMCMP(kid_ca, cert.extSubjKeyId, cert.extSubjKeyIdSz)))
1860418608
return WC_TEST_RET_ENC_NC;
1860518609

1860618610
/* check the AKID from an CA certificate */
18607-
if (XMEMCMP(kid_ca, cert.extAuthKeyId, sizeof(cert.extAuthKeyId)))
18611+
if ((sizeof(kid_ca) - 1 != cert.extAuthKeyIdSz) ||
18612+
(XMEMCMP(kid_ca, cert.extAuthKeyId, cert.extAuthKeyIdSz)))
1860818613
return WC_TEST_RET_ENC_NC;
1860918614

1861018615
/* check the Key Usage from CA certificate */

0 commit comments

Comments
 (0)