Skip to content
This repository has been archived by the owner on Nov 11, 2024. It is now read-only.

Commit

Permalink
Fix buffer overflow on r_jwe_aesgcm_key_unwrap
Browse files Browse the repository at this point in the history
  • Loading branch information
@babelouest
babelouest committed May 28, 2022
1 parent 95415a7 commit b4c2923
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions src/jwe.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1843,11 +1843,21 @@ static int r_jwe_aesgcm_key_unwrap(jwe_t * jwe, jwa_alg alg, jwk_t * jwk, int x5
ret = RHN_ERROR;
break;
}
if (!o_base64url_decode((const unsigned char *)r_jwe_get_header_str_value(jwe, "iv"), o_strlen(r_jwe_get_header_str_value(jwe, "iv")), NULL, &iv_len) || iv_len > 96) {
y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_aesgcm_key_unwrap - Invalid header iv");
ret = RHN_ERROR_INVALID;
break;
}
if (!o_base64url_decode((const unsigned char *)r_jwe_get_header_str_value(jwe, "iv"), o_strlen(r_jwe_get_header_str_value(jwe, "iv")), iv, &iv_len)) {
y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_aesgcm_key_unwrap - Error o_base64url_decode iv");
ret = RHN_ERROR_INVALID;
break;
}
if (!o_base64url_decode((const unsigned char *)jwe->encrypted_key_b64url, o_strlen((const char *)jwe->encrypted_key_b64url), NULL, &cipherkey_len) || cipherkey_len > 64) {
y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_aesgcm_key_unwrap - Invalid cipherkey");
ret = RHN_ERROR_INVALID;
break;
}
if (!o_base64url_decode((const unsigned char *)jwe->encrypted_key_b64url, o_strlen((const char *)jwe->encrypted_key_b64url), cipherkey, &cipherkey_len)) {
y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_aesgcm_key_unwrap - Error o_base64url_decode cipherkey");
ret = RHN_ERROR_INVALID;
Expand Down

0 comments on commit b4c2923

Please sign in to comment.