F-3312 added condition to handle empty string as null ptr explicitly #232
wolfSSL-Fenrir-bot
left a comment
Fenrir Automated Review — PR #232
Scan targets checked: wolfclu-bugs, wolfclu-src
No new issues found in the changed files. ✅
5c1faf8 to e2423c6
Pull request overview
Fixes an out-of-bounds read in wolfCLU_CertSignAppendOut that occurred when csign->outDir was set to an empty string. In that case, the relative-path branch later indexed csign->outDir[currentSz - 1] with currentSz == 0, reading outDir[-1]. The fix treats an empty outDir as if it were NULL by freeing it and resetting the pointer.
Changes:
- Treat an empty csign->outDir as NULL by calling wolfCLU_CertSignSetOut(csign, NULL) early in the function.
- Initialize outSz to 0 at declaration.
- Minor whitespace edits (removed a blank comment line in the license header; added two blank lines between case 1 and case 2 blocks).
@aidankeefe2022 see new copilot comments above, thanks
…and initialized function variable to avoid possible future UB. And fix formatting
e2423c6 to 1702375
wolfSSL-Fenrir-bot
left a comment
Fenrir Automated Review — PR #232
Scan targets checked: wolfclu-bugs, wolfclu-src
No new issues found in the changed files. ✅
Added check to prevent out of bounds read of the outDir field later in the function that could occur on line 1121 in the wolfCLU_CertSignAppendOut function. The out of bounds read could have occurred before this fix if an empty string was passed and the string was accessed at the -1 index.
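The empty-string case described in the review overview and the PR description, as an added C example (not wolfCLU's code and not part of this PR). `needs_sep_unchecked` and `join_out_path` are hypothetical names that show the unguarded last-character check next to a version that treats an empty directory as unset.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers modelling the pattern in the review above;
 * names and signatures are assumptions, not wolfCLU's code. */

/* Before: with dir == "" the length is 0, so dir[sz - 1] is dir[-1],
 * a read one byte before the buffer (undefined behaviour). */
int needs_sep_unchecked(const char *dir)
{
    size_t sz = strlen(dir);
    return dir[sz - 1] != '/';
}

/* After: an empty dir is handled exactly like NULL ("not set"), so the
 * last-character check only runs when sz >= 1. Returns 0, or -1 on bad
 * arguments or truncation. */
int join_out_path(const char *dir, const char *name, char *out, size_t outSz)
{
    int n;

    if (name == NULL || out == NULL || outSz == 0)
        return -1;
    if (dir != NULL && dir[0] == '\0')
        dir = NULL;
    if (dir == NULL) {
        n = snprintf(out, outSz, "%s", name);
    } else {
        size_t sz = strlen(dir);
        n = snprintf(out, outSz, "%s%s%s", dir,
                     dir[sz - 1] == '/' ? "" : "/", name);
    }
    return (n < 0 || (size_t)n >= outSz) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample inputs: empty, unset, and set directories. */
    const char *dirs[] = { "", NULL, "out", "out/" };
    char buf[64];
    size_t i;

    for (i = 0; i < sizeof dirs / sizeof dirs[0]; i++) {
        if (join_out_path(dirs[i], "cert.pem", buf, sizeof buf) == 0)
            printf("%s\n", buf);
    }
    return 0;
}
```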