Be explicit about why the zero-length check is there
Since a valid mac operation context would guarantee that the stored mac size is >= 4, it wasn't immediately obvious that the zero-length check is meant for static analyzers and a bit of robustness.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
parent ae3ec52d8d
commit 8af5c5c7de
1 changed files with 6 additions and 2 deletions
|
@ -2388,8 +2388,12 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
|
|||
if( ! operation->is_sign )
|
||||
return( PSA_ERROR_BAD_STATE );
|
||||
|
||||
/* Sanity checks on output buffer length. */
|
||||
if( mac_size == 0 || mac_size < operation->mac_size )
|
||||
/* Sanity check. This will guarantee that mac_size != 0 (and so mac != NULL)
|
||||
* once all the error checks are done. */
|
||||
if( operation->mac_size == 0 )
|
||||
return( PSA_ERROR_BAD_STATE );
|
||||
|
||||
if( mac_size < operation->mac_size )
|
||||
return( PSA_ERROR_BUFFER_TOO_SMALL );
|
||||
|
||||
status = psa_driver_wrapper_mac_sign_finish( operation,
|
||||
|
|
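Review bot: The comment above `if( operation->mac_size == 0 )` asserts "and so mac != NULL", but neither this check nor the following `mac_size < operation->mac_size` check tests the pointer; they only establish that `mac_size` is non-zero once both have passed. Consider wording it as an expectation on the caller (a non-zero `mac_size` implies a non-NULL `mac` by the API contract) rather than as something these checks guarantee. The reason a zero `operation->mac_size` is a bad state, namely that a valid MAC operation context always stores a size of at least 4, currently lives only in the commit message; putting it in the comment would explain the `PSA_ERROR_BAD_STATE` return to a reader of the code. The tested variable also changes from the caller-supplied `mac_size` to `operation->mac_size`, which is more than a documentation change and is worth stating in the commit message.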