Add overflow check for maximum key slot length

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2025-03-21 10:20:51 +00:00 · 2024-08-21 15:38:44 +01:00 · 2024-08-21 15:38:44 +01:00 · 0b2bd071f8
commit 0b2bd071f8
parent 68a4b7453f
1 changed files with 5 additions and 0 deletions
--- a/tf-psa-crypto/core/psa_crypto_slot_management.c
+++ b/tf-psa-crypto/core/psa_crypto_slot_management.c
@ -111,6 +111,11 @@ MBEDTLS_STATIC_ASSERT(PSA_KEY_ID_VOLATILE_MAX < MBEDTLS_PSA_KEY_ID_BUILTIN_MIN |
 #error "Slice index does not fit in uint8_t for psa_key_slot_t::slice_index"
 #endif

+MBEDTLS_STATIC_ASSERT((KEY_SLOT_VOLATILE_SLICE_BASE_LENGTH
+                       & (SIZE_MAX >> (KEY_SLOT_VOLATILE_SLICE_COUNT - 1)))
+                      == KEY_SLOT_VOLATILE_SLICE_BASE_LENGTH,
+                      "Maximum slice length overflows size_t");
+

 /* Calculate the volatile key id to use for a given slot.
 * This function assumes valid parameter values. */