Fix output size calculations in cipher tests

Some calls to psa_cipher_finish or psa_cipher_update append to a
buffer. Several of these calls were not calculating the offset into
the buffer or the remaining buffer size correctly.

This did not lead to buffer overflows before because the buffer sizes
were sufficiently large for our test inputs. This did not lead to
incorrect output when the test was designed to append but actually
wrote too early because all the existing test cases either have no
output from finish (stream cipher) or have no output from update (CBC,
with less than one block of input).
Gilles Peskine 2019-02-19 19:05:33 +01:00
parent 2b88dc3717
commit ee46fe7b9b


@ -2415,8 +2415,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
&function_output_length ) );
total_output_length += function_output_length;
status = psa_cipher_finish( &operation,
output + function_output_length,
output_buffer_size,
output + total_output_length,
output_buffer_size - total_output_length,
&function_output_length );
total_output_length += function_output_length;
@ -2483,12 +2483,13 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
PSA_ASSERT( psa_cipher_update( &operation,
input->x + first_part_size,
input->len - first_part_size,
output, output_buffer_size,
output + total_output_length,
output_buffer_size - total_output_length,
&function_output_length ) );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation,
output + function_output_length,
output_buffer_size,
output + total_output_length,
output_buffer_size - total_output_length,
&function_output_length ) );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation ) );
@ -2554,12 +2555,13 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
PSA_ASSERT( psa_cipher_update( &operation,
input->x + first_part_size,
input->len - first_part_size,
output, output_buffer_size,
output + total_output_length,
output_buffer_size - total_output_length,
&function_output_length ) );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation,
output + function_output_length,
output_buffer_size,
output + total_output_length,
output_buffer_size - total_output_length,
&function_output_length ) );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation ) );
@ -2622,8 +2624,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
&function_output_length ) );
total_output_length += function_output_length;
status = psa_cipher_finish( &operation,
output + function_output_length,
output_buffer_size,
output + total_output_length,
output_buffer_size - total_output_length,
&function_output_length );
total_output_length += function_output_length;
TEST_EQUAL( status, expected_status );
@ -2689,7 +2691,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
output1, output1_size,
&output1_length ) );
PSA_ASSERT( psa_cipher_finish( &operation1,
output1 + output1_length, output1_size,
output1 + output1_length,
output1_size - output1_length,
&function_output_length ) );
output1_length += function_output_length;
@ -2707,7 +2710,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
function_output_length = 0;
PSA_ASSERT( psa_cipher_finish( &operation2,
output2 + output2_length,
output2_size,
output2_size - output2_length,
&function_output_length ) );
output2_length += function_output_length;
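Review bot: The new size argument `output_buffer_size - total_output_length` in the cipher_encrypt hunk is an unsigned subtraction with no bound check before it, and the same pattern recurs in the cipher_encrypt_multipart, cipher_decrypt_multipart, cipher_decrypt and cipher_verify_output hunks (there as `output1_size - output1_length` and `output2_size - output2_length`). If an earlier psa_cipher_update ever reported a length larger than the buffer, the remaining size would wrap to a very large value and the test would pass an overstated capacity to the implementation instead of failing cleanly. Since these tests exist to catch that kind of bug, I would put `TEST_ASSERT( total_output_length <= output_buffer_size );` before each appending call, with the equivalent check for the output1/output2 variables. The variable declarations and the rest of each function are outside the hunks, so the size_t typing is inferred rather than visible. Separately, the commit message notes that no existing test case produces output from both update and finish, so the corrected offsets are not yet exercised; a test vector that does both would cover them.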