From f85e4e67bd9a9b69a70741c4ccf1d155271a3c1b Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 12 Nov 2019 11:08:23 +0100
Subject: [PATCH] test_suite_pk: fix use of sig_len without initialization

In pk_sign_verify, if mbedtls_pk_sign() failed, sig_len was passed to mbedtls_pk_verify_restartable() without having been initialized. This worked only because in the only test case that expects signature to fail, the verify implementation doesn't look at sig_len before failing for the expected reason. The value of sig_len if sign() fails is undefined, so set sig_len to something sensible.
---
 tests/suites/test_suite_pk.function | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index b34907522..0050db7be 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -926,6 +926,8 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret )
 TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, rnd_std_rand, NULL, rs_ctx ) == sign_ret );
+ if( sign_ret != 0 )
+ sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, sig_len ) == verify_ret );
@@ -945,6 +947,8 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret )
 TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
+ if( sign_ret != 0 )
+ sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, sig_len, rs_ctx ) == verify_ret );
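Review bot: In both hunks the fallback `sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;` is only in bounds if `sig` is at least that large, and the declaration of `sig` is outside the hunk. The same calls already pass `sizeof hash`, so `sig_len = sizeof sig;` would keep the length tied to the buffer actually handed to verify, assuming `sig` is a local array. With a full-length `sig_len`, verify may read all of `sig` after a failed sign, so it is worth confirming that the buffer is filled before signing; otherwise the indeterminate read moves from `sig_len` to the contents of `sig`. A short comment above each `if`, such as `/* sign failed: sig_len is unspecified, fall back to the buffer size */`, would record why the assignment exists.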