Skip to content

RSA decrypt: don't write past buffer end on error #9454

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

RSA decrypt: don't write past buffer end on error #9454

wants to merge 1 commit into from
+27 −6

Conversation

@SparkiDev
Copy link
Contributor

@SparkiDev SparkiDev commented Nov 21, 2025

Description

When the decrypted data is bigger than the buffer, the one extra bytes was being written to.

Fixes zd#20791

Testing

./configure --disable-shared --enable-keygen --enable-sp --enable-sp-asm --enable-intelasm 'CC=gcc -fsanitize=address'

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@devin-ai-integration
Copy link
Contributor

devin-ai-integration bot commented Nov 21, 2025

🛟 Devin Lifeguard found 1 likely issues in this PR

  • no-memory-leaks snippet: Add WC_FREE_VAR(shortPlain, NULL); after the other WC_FREE_VAR calls at the end of test_wc_RsaPublicEncryptDecrypt to release the newly allocated buffer.

@SparkiDev
please take a look at the above issues which Devin flagged. Devin will not fix these issues automatically.

@SparkiDev SparkiDev mentioned this pull request Nov 21, 2025
Closed
@SparkiDev SparkiDev force-pushed the rsa_dec_too_small_output_fix branch 3 times, most recently from 160698a to f136e27 Compare November 21, 2025 01:26
@SparkiDev
Copy link
Contributor Author

SparkiDev commented Nov 21, 2025

🛟 Devin Lifeguard found 1 likely issues in this PR

* `no-memory-leaks` [snippet](https://github.com/wolfSSL/wolfssl/blob/804ff42d44eabd20335e35adb4f5e3663b9cb4ab/tests/api/test_rsa.c#L795): Add WC_FREE_VAR(shortPlain, NULL); after the other WC_FREE_VAR calls at the end of test_wc_RsaPublicEncryptDecrypt to release the newly allocated buffer.

@SparkiDev please take a look at the above issues which Devin flagged. Devin will not fix these issues automatically.

Fixed

@SparkiDev SparkiDev force-pushed the rsa_dec_too_small_output_fix branch from f136e27 to eaa6107 Compare November 21, 2025 01:40
@SparkiDev
RSA decrypt: don't write past buffer end on error
23c5678 
When the decrypted data is bigger than the buffer, the one extra bytes
was being written to.
@SparkiDev SparkiDev force-pushed the rsa_dec_too_small_output_fix branch from eaa6107 to 23c5678 Compare November 21, 2025 02:12
@douzzer douzzer self-requested a review November 21, 2025 21:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@douzzer douzzer Awaiting requested review from douzzer

At least 1 approving review is required to merge this pull request.

Assignees

@JacobBarthelmeh JacobBarthelmeh

@SparkiDev SparkiDev

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@SparkiDev @JacobBarthelmeh