Skip to content

Commit

Permalink
Merge pull request #7650 from kaleb-himes/SRTP-KDF-CODEREVIEWr2
Browse files Browse the repository at this point in the history 
Add sanity for case id'd in optesting review
  • Loading branch information
@SparkiDev
SparkiDev authored Jun 24, 2024
2 parents 75475ae + 23f796c commit 0900e00
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 12 deletions.
24 changes: 12 additions & 12 deletions configure.ac
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4103,18 +4103,6 @@ AC_ARG_ENABLE([ed448-stream],
[ ENABLED_ED448_STREAM=no ]
)

if test "$ENABLED_ED448_STREAM" != "no"
then
if test "$ENABLED_ED448" = "no"
then
AC_MSG_ERROR([ED448 verify streaming enabled but ED448 is disabled])
else
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ED448_STREAMING_VERIFY"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_ED448_STREAMING_VERIFY"
fi
fi


# FP ECC, Fixed Point cache ECC
AC_ARG_ENABLE([fpecc],
[AS_HELP_STRING([--enable-fpecc],[Enable Fixed Point cache ECC (default: disabled)])],
Expand Down Expand Up @@ -5614,6 +5602,18 @@ then
ENABLED_CERTS=yes
fi
if test "$ENABLED_ED448_STREAM" != "no"
then
if test "$ENABLED_ED448" = "no"
then
AC_MSG_ERROR([ED448 verify streaming enabled but ED448 is disabled])
else
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ED448_STREAMING_VERIFY"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_ED448_STREAMING_VERIFY"
fi
fi
# SRTP-KDF
if test "$ENABLED_SRTP" = "yes"
then
Expand Down
10 changes: 10 additions & 0 deletions wolfcrypt/src/aes.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10761,6 +10761,11 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
authTagSz > AES_BLOCK_SIZE)
return BAD_FUNC_ARG;

/* Sanity check on authIn to prevent segfault in xorbuf() where
* variable 'in' is dereferenced as the mask 'm' in misc.c */
if (authIn == NULL && authInSz > 0)
return BAD_FUNC_ARG;

/* sanity check on tag size */
if (wc_AesCcmCheckTagSize((int)authTagSz) != 0) {
return BAD_FUNC_ARG;
Expand Down Expand Up @@ -10903,6 +10908,11 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
authTagSz > AES_BLOCK_SIZE)
return BAD_FUNC_ARG;

/* Sanity check on authIn to prevent segfault in xorbuf() where
* variable 'in' is dereferenced as the mask 'm' in misc.c */
if (authIn == NULL && authInSz > 0)
return BAD_FUNC_ARG;

/* sanity check on tag size */
if (wc_AesCcmCheckTagSize((int)authTagSz) != 0) {
return BAD_FUNC_ARG;
Expand Down

0 comments on commit 0900e00

Please sign in to comment.