
Commit b26890e

author
itayzafrir
committed
Do not allocate zero sized buffers - generators
1 parent 749b1e3 commit b26890e


1 file changed

+48
-44
lines changed


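--- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
+++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
@@ -1603,14 +1603,15 @@ void psa_crypto_generator_operations(void)
 uint8_t *output = NULL;
 size_t output_length = msg.out_size[0];
 
-output = mbedtls_calloc(1, output_length);
-if (output == NULL) {
-status = PSA_ERROR_INSUFFICIENT_MEMORY;
-break;
+if (output_length > 0) {
+output = mbedtls_calloc(1, output_length);
+if (output == NULL) {
+status = PSA_ERROR_INSUFFICIENT_MEMORY;
+break;
+}
 }
 
-status = psa_generator_read(msg.rhandle,
-output, output_length);
+status = psa_generator_read(msg.rhandle, output, output_length);
 if (status == PSA_SUCCESS) {
 psa_write(msg.handle, 0, output, output_length);
 }
@@ -1654,38 +1655,41 @@ void psa_crypto_generator_operations(void)
 }
 
 case PSA_KEY_DERIVATION: {
-uint8_t *salt = NULL;
-uint8_t *label = NULL;
+uint8_t *salt = NULL, *label = NULL;
+size_t salt_size = msg.in_size[1],
+label_size = msg.in_size[2];
 
-if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle,
-msg.client_id)) {
+if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) {
 status = PSA_ERROR_INVALID_HANDLE;
 break;
 }
 
-salt = mbedtls_calloc(1, msg.in_size[1]);
-label = mbedtls_calloc(1, msg.in_size[2]);
-if (salt == NULL || label == NULL) {
-status = PSA_ERROR_INSUFFICIENT_MEMORY;
-} else {
-bytes_read = psa_read(msg.handle, 1, salt, msg.in_size[1]);
-if (bytes_read != msg.in_size[1]) {
-SPM_PANIC("SPM read length mismatch");
+if (salt_size > 0) {
+salt = mbedtls_calloc(1, salt_size);
+if (salt == NULL) {
+status = PSA_ERROR_INSUFFICIENT_MEMORY;
+} else {
+bytes_read = psa_read(msg.handle, 1, salt, salt_size);
+if (bytes_read != salt_size) {
+SPM_PANIC("SPM read length mismatch");
+}
 }
-
-bytes_read = psa_read(msg.handle, 2, label, msg.in_size[2]);
-if (bytes_read != msg.in_size[2]) {
-SPM_PANIC("SPM read length mismatch");
+}
+if (status == PSA_SUCCESS && label_size > 0) {
+label = mbedtls_calloc(1, label_size);
+if (label == NULL) {
+status = PSA_ERROR_INSUFFICIENT_MEMORY;
+} else {
+bytes_read = psa_read(msg.handle, 2, label, label_size);
+if (bytes_read != label_size) {
+SPM_PANIC("SPM read length mismatch");
+}
 }
+}
 
-status = psa_key_derivation(msg.rhandle, psa_crypto_ipc.handle,
-psa_crypto_ipc.alg,
-salt,
-msg.in_size[1],//salt length
-label,
-msg.in_size[2],//label length
-psa_crypto_ipc.capacity);
-
+if (status == PSA_SUCCESS) {
+status = psa_key_derivation(msg.rhandle, psa_crypto_ipc.handle, psa_crypto_ipc.alg,
+salt, salt_size, label, label_size, psa_crypto_ipc.capacity);
 }
 
 mbedtls_free(salt);
@@ -1694,40 +1698,40 @@ void psa_crypto_generator_operations(void)
 mbedtls_free(msg.rhandle);
 psa_set_rhandle(msg.handle, NULL);
 }
-
 break;
 }
 
 case PSA_KEY_AGREEMENT: {
 uint8_t *private_key = NULL;
+size_t private_key_size = msg.in_size[1];
 
-if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle,
-msg.client_id)) {
+if (!psa_crypto_access_control_is_handle_permitted(psa_crypto_ipc.handle, msg.client_id)) {
 status = PSA_ERROR_INVALID_HANDLE;
 break;
 }
 
-private_key = mbedtls_calloc(1, msg.in_size[1]);
-if (private_key == NULL) {
-status = PSA_ERROR_INSUFFICIENT_MEMORY;
-} else {
-bytes_read = psa_read(msg.handle, 1, private_key, msg.in_size[1]);
-if (bytes_read != msg.in_size[1]) {
-SPM_PANIC("SPM read length mismatch");
+if (private_key_size > 0) {
+private_key = mbedtls_calloc(1, private_key_size);
+if (private_key == NULL) {
+status = PSA_ERROR_INSUFFICIENT_MEMORY;
+} else {
+bytes_read = psa_read(msg.handle, 1, private_key, private_key_size);
+if (bytes_read != private_key_size) {
+SPM_PANIC("SPM read length mismatch");
+}
 }
+}
 
+if (status == PSA_SUCCESS) {
 status = psa_key_agreement(msg.rhandle, psa_crypto_ipc.handle,
-private_key,
-msg.in_size[1],//private_key length
-psa_crypto_ipc.alg);
+private_key, private_key_size, psa_crypto_ipc.alg);
 mbedtls_free(private_key);
 }
 
 if (status != PSA_SUCCESS) {
 mbedtls_free(msg.rhandle);
 psa_set_rhandle(msg.handle, NULL);
 }
-
 break;
 }
 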
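Review bot: In the PSA_KEY_AGREEMENT hunk the `private_key` buffer, which holds client-supplied secret key material read via psa_read, is released with a plain `mbedtls_free(private_key)` inside the `if (status == PSA_SUCCESS)` block, so the key bytes are left in freed heap memory and the buffer is not released at all if `status` is already non-success when the case is entered. The PSA_KEY_DERIVATION case in the previous hunk frees `salt` unconditionally after its guarded call, so the two cases are now inconsistent. I would move the release out of the conditional and wipe the buffer first, e.g. after the closing brace of the `if (status == PSA_SUCCESS)` block: `if (private_key != NULL) { mbedtls_platform_zeroize(private_key, private_key_size); }` followed by `mbedtls_free(private_key);` — assuming mbedtls_platform_zeroize (or the partition's equivalent) is available in this file, which I cannot see. Both new `if (status == PSA_SUCCESS)` gates also presume `status` is PSA_SUCCESS on entry to the case; the declaration and any reset of `status` are outside these hunks, as is the rest of psa_crypto_generator_operations, so that presumption is worth confirming.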
