Add bounds checks for size_t to int truncation in RSA_METHOD calls #3084

Merged
justsmth merged 2 commits into aws:main from justsmth:fix-RSA_METHOD-size_t
Mar 12, 2026

@justsmth
Contributor

Description of changes:

The RSA_METHOD function pointers (sign_raw, verify_raw, encrypt,
decrypt) accept int max_out parameters for OpenSSL API compatibility,
but the calling functions receive max_out as size_t.

In practice, max_out is bounded by the RSA modulus size and would never
approach INT_MAX. These checks are a defense-in-depth measure. The error
code (ERR_R_OVERFLOW) and error-handling pattern (*out_len = 0; return 0)
are consistent with existing overflow checks in the codebase.

Testing:

Existing RSA tests cover the normal code paths. The new bounds checks
only trigger for max_out values exceeding INT_MAX, which cannot occur
with valid RSA key sizes.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.
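
The check described above, sketched as an added example that is not code from this pull request or from AWS-LC: a wrapper that receives `max_out` as `size_t` rejects values above `INT_MAX` before narrowing to the `int` the callback expects. All `demo_*` names are hypothetical, and `demo_last_error` stands in for the library error queue that would carry `ERR_R_OVERFLOW`.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-in for an RSA_METHOD-style callback: the output
 * capacity arrives as int, mirroring the OpenSSL-compatible signature. */
typedef int (*demo_raw_fn)(int max_out, uint8_t *out, size_t *out_len,
                           const uint8_t *in, size_t in_len);

enum { DEMO_OK = 0, DEMO_ERR_OVERFLOW = 1, DEMO_ERR_METHOD = 2 };
static int demo_last_error = DEMO_OK; /* assumption: models the error queue */

/* Constructed callback: copies the input if it fits the stated capacity. */
static int demo_copy_method(int max_out, uint8_t *out, size_t *out_len,
                            const uint8_t *in, size_t in_len) {
  if (max_out < 0 || (size_t)max_out < in_len) {
    return 0;
  }
  memcpy(out, in, in_len);
  *out_len = in_len;
  return 1;
}

/* Wrapper with a size_t capacity. Without the first check, (int)max_out for
 * a value above INT_MAX is implementation-defined and can reach the callback
 * as a negative or wrapped capacity. */
int demo_sign_raw(demo_raw_fn method, uint8_t *out, size_t *out_len,
                  size_t max_out, const uint8_t *in, size_t in_len) {
  demo_last_error = DEMO_OK;
  if (max_out > (size_t)INT_MAX) {
    demo_last_error = DEMO_ERR_OVERFLOW;
    *out_len = 0; /* same failure shape as the description: zero length, return 0 */
    return 0;
  }
  if (!method((int)max_out, out, out_len, in, in_len)) {
    demo_last_error = DEMO_ERR_METHOD;
    *out_len = 0;
    return 0;
  }
  return 1;
}

int main(void) {
  uint8_t in[4] = {1, 2, 3, 4}, out[8];
  size_t out_len = 0;
  int ok = demo_sign_raw(demo_copy_method, out, &out_len, (size_t)INT_MAX + 1, in, sizeof(in));
  return (ok == 0 && demo_last_error == DEMO_ERR_OVERFLOW) ? 0 : 1;
}
```

A call with `max_out` set to `(size_t)INT_MAX + 1` is the kind of input a unit test would need to exercise the new branch.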

@justsmth justsmth requested a review from a team as a code owner March 10, 2026 13:55
@justsmth justsmth changed the title Add bounds checks for to truncation in calls Add bounds checks for size_t to int truncation in RSA_METHOD calls Mar 10, 2026
@codecov-commenter

codecov-commenter commented Mar 10, 2026

Codecov Report

❌ Patch coverage is 25.00000% with 12 lines in your changes missing coverage. Please review.
✅ Project coverage is 78.13%. Comparing base (2f1bbe4) to head (619c5e4).
⚠️ Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
crypto/rsa_extra/rsa_crypt.c 25.00% 6 Missing ⚠️
crypto/fipsmodule/rsa/rsa.c 25.00% 3 Missing ⚠️
crypto/fipsmodule/rsa/rsa_impl.c 25.00% 3 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #3084      +/-   ##
==========================================
+ Coverage   78.11%   78.13%   +0.01%     
==========================================
  Files         689      689              
  Lines      121596   121612      +16     
  Branches    16981    16986       +5     
==========================================
+ Hits        94981    95016      +35     
+ Misses      25729    25714      -15     
+ Partials      886      882       -4     

@justsmth justsmth enabled auto-merge (squash) March 12, 2026 13:05
@justsmth justsmth disabled auto-merge March 12, 2026 19:00
@justsmth justsmth merged commit 23a1657 into aws:main Mar 12, 2026
643 of 658 checks passed
@justsmth justsmth deleted the fix-RSA_METHOD-size_t branch March 12, 2026 19:00