Allow (NULL, 0) as a representation of 0

- We don't check for NULL pointers this deep in the library - Accessing a NULL pointer when the limb number is 0 as a mistake is the very similar to any other out of bounds access - We could potentially mandate at least 1 limb representation for 0 but we either would need to enforce it or the implementation would be less robust. - Allowing zero limb representation - (NULL, 0) in particular - for zero is present in the legacy interface, if we disallow it, the compatibility code will need to deal with this (more code size and opportunities for mistakes) In summary, interpreting (NULL, 0) as the number zero in the core interface is the least of the two evils. Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-07-22 14:24:58 +01:00 · 2022-07-22 14:24:58 +01:00 · 91dc67d31c
commit 91dc67d31c
parent 4670f88991
3 changed files with 38 additions and 8 deletions
--- a/library/bignum_new.c
+++ b/library/bignum_new.c
@ -190,17 +190,13 @@ static int mpi_core_clear( mbedtls_mpi_uint *X,
                           size_t nx,
                           size_t limbs )
 {
-    if( X == NULL )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    else if( nx < limbs )
+    if( nx < limbs )
        return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );

-    else
-    {
+    if( X != NULL )
        memset( X, 0, nx * ciL );
-        return( 0 );
-    }
+
+    return( 0 );
 }

 /* Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint
--- a/tests/suites/test_suite_mpi.data
+++ b/tests/suites/test_suite_mpi.data
@ -82,6 +82,9 @@ mpi_read_write_string:16:"":2:"0":4:0:0
 Test mpi_write_string #10 (Negative hex with odd number of digits)
 mpi_read_write_string:16:"-1":16:"":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL

+Test mbedtls_mpi_core_io functions with null pointers
+mbedtls_mpi_core_io_null
+
 Test mbedtls_mpi_core_io_be #1 (Buffer and limbs just fit, input limb-aligned)
 mbedtls_mpi_core_io_be:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":96:12:0:0

--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@ -197,6 +197,37 @@ exit:
 }
 /* END_CASE */

+/* BEGIN_CASE */
+void mbedtls_mpi_core_io_null()
+{
+    mbedtls_mpi_uint X = 0;
+    int ret;
+
+    ret = mbedtls_mpi_core_read_be( &X, 1, NULL, 0 );
+    TEST_ASSERT( ret == 0 );
+    ret = mbedtls_mpi_core_write_be( &X, 1, NULL, 0 );
+    TEST_ASSERT( ret == 0 );
+
+    ret = mbedtls_mpi_core_read_be( NULL, 0, NULL, 0 );
+    TEST_ASSERT( ret == 0 );
+    ret = mbedtls_mpi_core_write_be( NULL, 0, NULL, 0 );
+    TEST_ASSERT( ret == 0 );
+
+    ret = mbedtls_mpi_core_read_le( &X, 1, NULL, 0 );
+    TEST_ASSERT( ret == 0 );
+    ret = mbedtls_mpi_core_write_le( &X, 1, NULL, 0 );
+    TEST_ASSERT( ret == 0 );
+
+    ret = mbedtls_mpi_core_read_le( NULL, 0, NULL, 0 );
+    TEST_ASSERT( ret == 0 );
+    ret = mbedtls_mpi_core_write_le( NULL, 0, NULL, 0 );
+    TEST_ASSERT( ret == 0 );
+
+exit:
+    ;
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void mbedtls_mpi_core_io_be( data_t *input, int nb_int, int nx_64_int, int iret,
                             int oret )