From f5f25b3a0db2fd54f423166f673475b27769e0f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 27 Nov 2014 14:04:56 +0100 Subject: [PATCH] Add test for ctr_drbg_update() input sanitizing --- tests/suites/test_suite_ctr_drbg.function | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index fd9f087f2..a36bab245 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -141,6 +141,10 @@ void ctr_drbg_entropy_usage( ) } TEST_ASSERT( last_idx == test_offset_idx ); + /* Call update with too much data (sizeof entropy > MAX(_SEED)_INPUT) + * (just make sure it doesn't cause memory corruption) */ + ctr_drbg_update( &ctx, entropy, sizeof( entropy ) ); + /* Now enable PR, so the next few calls should all reseed */ ctr_drbg_set_prediction_resistance( &ctx, CTR_DRBG_PR_ON ); TEST_ASSERT( ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 );