Feedback from Arm: guarantee that output_length <= output_size even on error, to reduce the risk that a missing error check
escalates into a buffer overflow in the application code Signed-off-by: Stephan Koch <koch@oberon.ch>
parent
10c0f770ce
commit
5819d2c141
1 changed files with 4 additions and 0 deletions
|
@ -7855,6 +7855,8 @@ void asymmetric_encrypt(int key_type_arg,
|
|||
TEST_EQUAL(actual_status, expected_status);
|
||||
if (actual_status == PSA_SUCCESS) {
|
||||
TEST_EQUAL(output_length, expected_output_length);
|
||||
} else {
|
||||
TEST_LE_U(output_length, output_size);
|
||||
}
|
||||
|
||||
/* If the label is empty, the test framework puts a non-null pointer
|
||||
|
@ -7872,6 +7874,8 @@ void asymmetric_encrypt(int key_type_arg,
|
|||
TEST_EQUAL(actual_status, expected_status);
|
||||
if (actual_status == PSA_SUCCESS) {
|
||||
TEST_EQUAL(output_length, expected_output_length);
|
||||
} else {
|
||||
TEST_LE_U(output_length, output_size);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
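Review bot: The `TEST_LE_U(output_length, output_size)` check in each `else` branch only has teeth if `output_length` is above `output_size` when the call is made, and its initialisation is outside both hunks. If it starts at 0, or in the second block still holds the value left by the first call, an implementation that never writes `output_length` on the error path passes unnoticed, which appears to be the case the commit message wants to catch. I would seed it before each call, e.g. `output_length = ~(size_t) 0;`, and add a comment such as `/* Even on error, output_length must not exceed output_size, so a caller that misses the status check cannot run past the buffer. */`. asymmetric_encrypt starts outside the hunks, so confirm the declaration and the lines between the two calls before changing them.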