wolfssl/wolfcrypt/types.h: add static_assert() definitions;

douzzer · douzzer · commit fbbb2b876b99 · 2024-09-19T01:15:42.000-05:00
wolfssl/internal.h: add DTLS13_HANDSHAKE_HEADER_SZ;

src/tls13.c: in EchHashHelloInner(), use falseHeader[DTLS13_HANDSHAKE_HEADER_SZ] to fix buffer overrun;

src/dtls13.c: add static assert for DTLS13_HANDSHAKE_HEADER_SZ.
diff --git a/src/dtls13.c b/src/dtls13.c
@@ -71,6 +71,8 @@ typedef struct Dtls13HandshakeHeader {
     byte fragmentLength[3];
 } Dtls13HandshakeHeader;
 
+static_assert(sizeof(Dtls13HandshakeHeader) == DTLS13_HANDSHAKE_HEADER_SZ);
+
 /**
  * struct Dtls13Recordplaintextheader: represent header of unprotected DTLSv1.3
  * record
diff --git a/src/tls13.c b/src/tls13.c
@@ -4165,7 +4165,11 @@ static int EchHashHelloInner(WOLFSSL* ssl, WOLFSSL_ECH* ech)
 {
     int ret;
     HS_Hashes* tmpHashes;
+#ifdef WOLFSSL_DTLS13
+    byte falseHeader[DTLS13_HANDSHAKE_HEADER_SZ];
+#else
     byte falseHeader[HANDSHAKE_HEADER_SZ];
+#endif
 
     if (ssl == NULL || ech == NULL)
         return BAD_FUNC_ARG;
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
@@ -1637,6 +1637,7 @@ enum Misc {
 #endif
 
     HANDSHAKE_HEADER_SZ   = 4,  /* type + length(3)        */
+    DTLS13_HANDSHAKE_HEADER_SZ   = 12, /* sizeof(Dtls13HandshakeHeader) */
     RECORD_HEADER_SZ      = 5,  /* type + version + len(2) */
     CERT_HEADER_SZ        = 3,  /* always 3 bytes          */
     REQ_HEADER_SZ         = 2,  /* cert request header sz  */
diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h
@@ -1694,6 +1694,24 @@ typedef struct w64wrapper {
         #define PRAGMA_DIAG_POP /* null expansion */
     #endif
 
+    #define WC_CPP_CAT_(a, b) a ## b
+    #define WC_CPP_CAT(a, b) WC_CPP_CAT_(a, b)
+    #ifndef static_assert
+        #if !defined(__cplusplus) && !defined(__STRICT_ANSI__) && \
+                !defined(WOLF_C89) && ((defined(__GNUC__) &&      \
+                __GNUC__ >= 5) || defined(__clang__))
+            #define __static_assert(expr, msg, ...) _Static_assert(expr, msg)
+            #define static_assert(expr, ...) \
+                __static_assert(expr, ##__VA_ARGS__, #expr)
+        #elif defined(__STRICT_ANSI__) || defined(WOLF_C89)
+            #define static_assert(expr) \
+                struct WC_CPP_CAT(dummy_struct_, __LINE__)
+        #else
+            #define static_assert(...) \
+                struct WC_CPP_CAT(wc_dummy_struct_L, __LINE__)
+        #endif
+    #endif
+
     #ifndef SAVE_VECTOR_REGISTERS
         #define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
     #endif
