Skip to content

Commit

Permalink
Fix oss-fuzz issue 71399: invalid param value
Browse files Browse the repository at this point in the history
  • Loading branch information
@ni4
ni4 committed Nov 2, 2024
1 parent 1b86b43 commit c349fe4
Show file tree
Hide file tree
Showing 4 changed files with 10 additions and 2 deletions.
2 changes: 1 addition & 1 deletion src/lib/crypto/sphincsplus.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -302,7 +302,7 @@ sphincsplus_pubkey_size(sphincsplus_parameter_t param)
return 64;
default:
RNP_LOG("invalid SLH-DSA parameter identifier");
throw rnp::rnp_exception(RNP_ERROR_BAD_PARAMETERS);
return 0;
}
}

Expand Down
7 changes: 6 additions & 1 deletion src/lib/key_material.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1823,7 +1823,12 @@ SlhdsaKeyMaterial::parse(pgp_packet_body_t &pkt) noexcept
return false;
}
sphincsplus_parameter_t param = (sphincsplus_parameter_t) bt;
std::vector<uint8_t> buf(sphincsplus_pubkey_size(param));
auto size = sphincsplus_pubkey_size(param);
if (!size) {
RNP_LOG("invalid SLH-DSA param");
return false;
}
std::vector<uint8_t> buf(size);
if (!pkt.get(buf.data(), buf.size())) {
RNP_LOG("failed to parse SLH-DSA public key data");
return false;
Expand Down
Binary file added src/tests/data/test_fuzz_dump/abrt-5093675862917120
View file
Binary file not shown.
3 changes: 3 additions & 0 deletions src/tests/fuzz_dump.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,4 +58,7 @@ TEST_F(rnp_tests, test_fuzz_dump)

data = file_to_vec(DATA_PATH "outofmemory-6111789935624192");
assert_int_equal(dump_LLVMFuzzerTestOneInput(data.data(), data.size()), 0);

data = file_to_vec(DATA_PATH "abrt-5093675862917120");
assert_int_equal(dump_LLVMFuzzerTestOneInput(data.data(), data.size()), 0);
}

0 comments on commit c349fe4

Please sign in to comment.