mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-16 08:42:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add static assert check

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-01-21 18:14:45 +08:00
parent 971988528d
commit b476a44fc6
1 changed files with 18 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
library/ssl_tls.c
View File

@ -25,6 +25,8 @@
#if defined(MBEDTLS_SSL_TLS_C) #if defined(MBEDTLS_SSL_TLS_C)
#include <assert.h>
#if defined(MBEDTLS_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
@ -3160,35 +3162,35 @@ static int ssl_handshake_init( mbedtls_ssl_context *ssl )
{ {
const int *md; const int *md;
const int *sig_hashes = ssl->conf->sig_hashes; const int *sig_hashes = ssl->conf->sig_hashes;
size_t sig_algs_len = sizeof( uint16_t ); size_t sig_algs_len = 0;
size_t sig_algs_len_per_hash = 0;
uint16_t *p; uint16_t *p;
#if defined(MBEDTLS_ECDSA_C) #if defined(static_assert)
sig_algs_len_per_hash += sizeof( uint16_t ); static_assert( MBEDTLS_SSL_MAX_SIG_ALG_LIST_LEN
#endif <= ( SIZE_MAX - ( 2 * sizeof(uint16_t) ) ),
#if defined(MBEDTLS_RSA_C) "MBEDTLS_SSL_MAX_SIG_ALG_LIST_LEN too big" );
sig_algs_len_per_hash += sizeof( uint16_t );
#endif #endif
for( md = sig_hashes; *md != MBEDTLS_MD_NONE; md++ ) for( md = sig_hashes; *md != MBEDTLS_MD_NONE; md++ )
{ {
if( mbedtls_ssl_hash_from_md_alg( *md ) == MBEDTLS_SSL_HASH_NONE ) if( mbedtls_ssl_hash_from_md_alg( *md ) == MBEDTLS_SSL_HASH_NONE )
continue; continue;
if( sig_algs_len > #if defined(MBEDTLS_ECDSA_C)
( MBEDTLS_SSL_MAX_SIG_ALG_LIST_LEN + sizeof( uint16_t ) sig_algs_len += sizeof( uint16_t );
- sig_algs_len_per_hash ) ) #endif
{
return( MBEDTLS_ERR_SSL_BAD_CONFIG );
}
sig_algs_len += sig_algs_len_per_hash; #if defined(MBEDTLS_RSA_C)
sig_algs_len += sizeof( uint16_t );
#endif
if( sig_algs_len > MBEDTLS_SSL_MAX_SIG_ALG_LIST_LEN )
return( MBEDTLS_ERR_SSL_BAD_CONFIG );
} }
if( sig_algs_len < MBEDTLS_SSL_MIN_SIG_ALG_LIST_LEN + sizeof( uint16_t )) if( sig_algs_len < MBEDTLS_SSL_MIN_SIG_ALG_LIST_LEN )
return( MBEDTLS_ERR_SSL_BAD_CONFIG ); return( MBEDTLS_ERR_SSL_BAD_CONFIG );
ssl->handshake->sig_algs = mbedtls_calloc( 1, sig_algs_len ); ssl->handshake->sig_algs = mbedtls_calloc( 1, sig_algs_len +
sizeof( uint16_t ));
if( ssl->handshake->sig_algs == NULL ) if( ssl->handshake->sig_algs == NULL )
return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); return( MBEDTLS_ERR_SSL_ALLOC_FAILED );