
Commit 19952d9

author
itayzafrir
committed
Do not allocate zero sized buffers - aead
1 parent 18feb26 commit 19952d9


1 file changed

+40
-50
lines changed

1 file changed

+40
-50
lines changed

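--- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
+++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
@@ -839,63 +839,53 @@ static void psa_aead_operation()
 switch (psa_crypto.func) {
 case PSA_AEAD_ENCRYPT:
 case PSA_AEAD_DECRYPT: {
-uint8_t *input;
-uint8_t *additional_data;
-uint8_t *output;
-size_t output_length = 0;
+uint8_t *input = NULL, *additional_data = NULL, *output = NULL, *buffer = NULL;
+size_t output_length = 0,
+buffer_size = msg.in_size[1],
+output_size = msg.out_size[0];
 
-uint8_t *buffer = mbedtls_calloc(1, msg.in_size[1]);
-if (buffer == NULL) {
-status = PSA_ERROR_INSUFFICIENT_MEMORY;
-break;
-}
+if (buffer_size > 0) {
+buffer = mbedtls_calloc(1, buffer_size);
+if (buffer == NULL) {
+status = PSA_ERROR_INSUFFICIENT_MEMORY;
+} else {
+bytes_read = psa_read(msg.handle, 1, buffer, buffer_size);
+if (bytes_read != buffer_size) {
+SPM_PANIC("SPM read length mismatch");
+}
 
-bytes_read = psa_read(msg.handle, 1, buffer,
-msg.in_size[1]);
-if (bytes_read != msg.in_size[1]) {
-SPM_PANIC("SPM read length mismatch");
+additional_data = buffer;
+input = buffer + psa_crypto.additional_data_length;
+}
 }
-
-additional_data = buffer;
-input = buffer + psa_crypto.additional_data_length;
-
-output = mbedtls_calloc(1, msg.out_size[0]);
-if (output == NULL) {
-mbedtls_free(buffer);
-status = PSA_ERROR_INSUFFICIENT_MEMORY;
-break;
+if (status == PSA_SUCCESS && output_size > 0) {
+output = mbedtls_calloc(1, output_size);
+if (output == NULL) {
+status = PSA_ERROR_INSUFFICIENT_MEMORY;
+}
 }
 
-if (psa_crypto.func == PSA_AEAD_ENCRYPT)
-status = psa_aead_encrypt(psa_crypto.handle,
-psa_crypto.alg,
-psa_crypto.nonce,
-(size_t)psa_crypto.nonce_size,
-additional_data,
-psa_crypto.additional_data_length,
-input,
-psa_crypto.input_length,
-output,
-msg.out_size[0],
-&output_length);
-else
-status = psa_aead_decrypt(psa_crypto.handle,
-psa_crypto.alg,
-psa_crypto.nonce,
-(size_t)psa_crypto.nonce_size,
-additional_data,
-psa_crypto.additional_data_length,
-input,
-psa_crypto.input_length,
-output,
-msg.out_size[0],
-&output_length);
-
 if (status == PSA_SUCCESS) {
-psa_write(msg.handle, 0, output, output_length);
-psa_write(msg.handle, 1,
-&output_length, sizeof(output_length));
+if (psa_crypto.func == PSA_AEAD_ENCRYPT) {
+status = psa_aead_encrypt(psa_crypto.handle, psa_crypto.alg,
+psa_crypto.nonce, (size_t)psa_crypto.nonce_size,
+additional_data, psa_crypto.additional_data_length,
+input, psa_crypto.input_length,
+output, output_size, &output_length);
+} else {
+status = psa_aead_decrypt(psa_crypto.handle, psa_crypto.alg,
+psa_crypto.nonce, (size_t)psa_crypto.nonce_size,
+additional_data, psa_crypto.additional_data_length,
+input, psa_crypto.input_length,
+output, output_size, &output_length);
+}
+
+if (status == PSA_SUCCESS) {
+psa_write(msg.handle, 0, output, output_length);
+psa_write(msg.handle, 1, &output_length, sizeof(output_length));
+}
 }
+
 mbedtls_free(buffer);
 mbedtls_free(output);
 break;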
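Review bot: When `buffer_size` is 0 the new code leaves `additional_data` and `input` as NULL, yet the `psa_aead_encrypt`/`psa_aead_decrypt` calls still forward `psa_crypto.additional_data_length` and `psa_crypto.input_length` unchanged, and nothing in the hunk compares those two lengths with `buffer_size` even when the buffer does exist. If `psa_crypto` is filled from the client's message (that read is outside this hunk, as are the start and end of `psa_aead_operation`), inconsistent lengths would let the secure partition dereference NULL or read past the end of the heap buffer. Before the call I would add `if (psa_crypto.additional_data_length > buffer_size || psa_crypto.input_length > buffer_size - psa_crypto.additional_data_length) { status = PSA_ERROR_INVALID_ARGUMENT; }`, written as a subtraction so the sum cannot wrap. The hunk also relies on `status` being `PSA_SUCCESS` on entry to this case, which is worth confirming or setting explicitly at the top of the block.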
