macOS: use heap for 300kBytes memory

On macOS, the stack seems to blow up sometimes when using 300kBytes.
Therefore, the malicious test now always allocates the buffer on
heap.

Also, prevent double clearing of memory.

Signed-off-by: Stephan Mueller <smueller@chronox.de>

Author: smuellerDD

asn1/api/lc_x509_common.h

@@ -303,7 +303,7 @@ struct lc_x509_certificate {
 	unsigned int
 		unsupported_sig : 1; /* T if signature uses unsupported crypto */
 	unsigned int blacklisted : 1;
-	unsigned int preallocated : 1;
+	unsigned int allocated : 1;
 };
 
 /// \endcond

asn1/src/pkcs7_memory.c

@@ -88,11 +88,11 @@ int pkcs7_sinfo_get(struct lc_pkcs7_signed_info **sinfo,
 
 void pkcs7_x509_free(struct lc_x509_certificate *x509)
 {
-	if (x509->preallocated) {
+	if (x509->allocated) {
 		lc_x509_cert_clear(x509);
+		lc_free(x509);
 	} else {
 		lc_x509_cert_clear(x509);
-		lc_free(x509);
 	}
 }
 
@@ -109,10 +109,10 @@ int pkcs7_x509_get(struct lc_x509_certificate **x509,
 		tmp_x509 = pkcs7->preallocated_x509;
 		pkcs7->consumed_preallocated_x509++;
 		pkcs7->preallocated_x509++;
-		tmp_x509->preallocated = 1;
 	} else {
 		CKINT(lc_alloc_aligned((void **)&tmp_x509, 8,
 				       sizeof(struct lc_x509_certificate)));
+		tmp_x509->allocated = 1;
 	}
 
 	*x509 = tmp_x509;

asn1/src/x509_cert_parser.c

@@ -404,7 +404,7 @@ static int x509_fabricate_name(struct x509_parse_context *ctx, size_t hdrlen,
 				     data + ctx->o_offset, 7) == 0)
 			goto single_component;
 
-		if (ctx->o_size + 2 + ctx->cn_size + 1 >
+		if (ctx->o_size + 2 + ctx->cn_size + 1 >=
 		    LC_ASN1_MAX_ISSUER_NAME) {
 			ret = -EOVERFLOW;
 			goto out;
@@ -431,7 +431,7 @@ static int x509_fabricate_name(struct x509_parse_context *ctx, size_t hdrlen,
 	}
 
 single_component:
-	if (namesize > LC_ASN1_MAX_ISSUER_NAME) {
+	if (namesize >= LC_ASN1_MAX_ISSUER_NAME) {
 		ret = -EOVERFLOW;
 		goto out;
 	}
@@ -1133,16 +1133,20 @@ int x509_version(void *context, size_t hdrlen, unsigned char tag,
 LC_INTERFACE_FUNCTION(void, lc_x509_cert_clear,
 		      struct lc_x509_certificate *cert)
 {
-	unsigned int prealloc;
+	unsigned char alloc;
 
 	if (!cert)
 		return;
 
-	prealloc = cert->preallocated;
+	alloc = cert->allocated;
 	public_key_clear(&cert->pub);
 	public_key_signature_clear(&cert->sig);
 	lc_memset_secure(cert, 0, sizeof(struct lc_x509_certificate));
-	cert->preallocated = prealloc;
+
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+	cert->allocated = alloc;
+#pragma GCC diagnostic pop
 }
 
 LC_INTERFACE_FUNCTION(int, lc_x509_cert_decode,

asn1/tests/pkcs7_trust_malicious1_tester.c

@@ -27,6 +27,10 @@
 
 #include "../../apps/src/lc_x509_generator_helper.h"
 
+/*
+ * This is a large memory buffer - use heap to allocate it as stack may
+ * explode on some platforms like macOS.
+ */
 struct workspace {
 	struct lc_pkcs7_trust_store trust_store;
 	struct lc_x509_certificate ca1, ca2, ca3, ca1_dec, ca2_dec, ca3_dec;
@@ -59,8 +63,6 @@ static int pkcs7_malicious_set_cert(struct lc_x509_certificate *cert)
 
 	CKINT(lc_x509_cert_set_ca(cert));
 
-	cert->preallocated = 1;
-
 out:
 	return ret;
 }
@@ -79,8 +81,6 @@ static int pkcs7_malicious_set_cert2(struct lc_x509_certificate *cert)
 	CKINT(lc_x509_cert_set_keyusage(cert, "keyCertSign"));
 	CKINT(lc_x509_cert_set_keyusage(cert, "critical"));
 
-	cert->preallocated = 1;
-
 out:
 	return ret;
 }
@@ -145,10 +145,6 @@ static int pkcs7_maclious_gen_certs(struct workspace *ws, int set_ca3_akid_null)
 		  "X.509 decode CA3\n");
 	CKINT(lc_x509_cert_set_signer(&ws->ca3_dec, &ws->keys3, &ws->ca2_dec));
 
-	ws->ca1_dec.preallocated = 1;
-	ws->ca2_dec.preallocated = 1;
-	ws->ca3_dec.preallocated = 1;
-
 out:
 	return ret;
 }
@@ -199,7 +195,9 @@ static void pkcs7_malicious_clear(struct workspace *ws)
 	lc_x509_cert_clear(&ws->ca3_dec);
 	lc_pkcs7_message_clear(&ws->pkcs7);
 	lc_pkcs7_message_clear(&ws->pkcs7_dec);
-	lc_pkcs7_trust_store_clear(&ws->trust_store);
+
+	/* Do not clear trust store all all its certs are cleared before */
+	//lc_pkcs7_trust_store_clear(&ws->trust_store);
 }
 
 /*
@@ -208,7 +206,7 @@ static void pkcs7_malicious_clear(struct workspace *ws)
 static int pkcs7_maclious_certs8(void)
 {
 	int ret = 0;
-	LC_DECLARE_MEM(ws, struct workspace, sizeof(uint64_t));
+	__LC_DECLARE_MEM_HEAP(ws, struct workspace, sizeof(uint64_t));
 
 	CKINT(pkcs7_maclious_gen_certs(ws, 1));
 	CKINT(pkcs7_maclious_gen_msg(ws));
@@ -222,7 +220,7 @@ static int pkcs7_maclious_certs8(void)
 
 out:
 	pkcs7_malicious_clear(ws);
-	LC_RELEASE_MEM(ws);
+	__LC_RELEASE_MEM_HEAP(ws);
 	return ret;
 }
 
@@ -234,7 +232,7 @@ static int pkcs7_maclious_certs7(void)
 {
 	uint8_t *pk;
 	int ret = 0;
-	LC_DECLARE_MEM(ws, struct workspace, sizeof(uint64_t));
+	__LC_DECLARE_MEM_HEAP(ws, struct workspace, sizeof(uint64_t));
 
 	CKINT(pkcs7_maclious_gen_certs(ws, 0));
 	CKINT(pkcs7_maclious_gen_msg(ws));
@@ -248,7 +246,7 @@ static int pkcs7_maclious_certs7(void)
 
 out:
 	pkcs7_malicious_clear(ws);
-	LC_RELEASE_MEM(ws);
+	__LC_RELEASE_MEM_HEAP(ws);
 	return ret;
 }
 
@@ -261,7 +259,7 @@ static int pkcs7_maclious_certs6(void)
 {
 	uint8_t *pk;
 	int ret = 0;
-	LC_DECLARE_MEM(ws, struct workspace, sizeof(uint64_t));
+	__LC_DECLARE_MEM_HEAP(ws, struct workspace, sizeof(uint64_t));
 
 	CKINT(pkcs7_maclious_gen_certs(ws, 0));
 	CKINT(pkcs7_maclious_gen_msg(ws));
@@ -279,7 +277,7 @@ static int pkcs7_maclious_certs6(void)
 
 out:
 	pkcs7_malicious_clear(ws);
-	LC_RELEASE_MEM(ws);
+	__LC_RELEASE_MEM_HEAP(ws);
 	return ret;
 }
 
@@ -293,7 +291,7 @@ static int pkcs7_maclious_certs5(void)
 {
 	uint8_t *pk;
 	int ret = 0;
-	LC_DECLARE_MEM(ws, struct workspace, sizeof(uint64_t));
+	__LC_DECLARE_MEM_HEAP(ws, struct workspace, sizeof(uint64_t));
 
 	CKINT(pkcs7_maclious_gen_certs(ws, 0));
 	CKINT(pkcs7_maclious_gen_msg(ws));
@@ -307,7 +305,7 @@ static int pkcs7_maclious_certs5(void)
 
 out:
 	pkcs7_malicious_clear(ws);
-	LC_RELEASE_MEM(ws);
+	__LC_RELEASE_MEM_HEAP(ws);
 	return ret;
 }
 
@@ -321,7 +319,7 @@ static int pkcs7_maclious_certs4(void)
 {
 	uint8_t *sig;
 	int ret = 0;
-	LC_DECLARE_MEM(ws, struct workspace, sizeof(uint64_t));
+	__LC_DECLARE_MEM_HEAP(ws, struct workspace, sizeof(uint64_t));
 
 	CKINT(pkcs7_maclious_gen_certs(ws, 0));
 	CKINT(pkcs7_maclious_gen_msg(ws));
@@ -335,7 +333,7 @@ static int pkcs7_maclious_certs4(void)
 
 out:
 	pkcs7_malicious_clear(ws);
-	LC_RELEASE_MEM(ws);
+	__LC_RELEASE_MEM_HEAP(ws);
 	return ret;
 }
 
@@ -351,7 +349,7 @@ static int pkcs7_maclious_certs4(void)
 static int pkcs7_maclious_certs2(void)
 {
 	int ret = 0;
-	LC_DECLARE_MEM(ws, struct workspace, sizeof(uint64_t));
+	__LC_DECLARE_MEM_HEAP(ws, struct workspace, sizeof(uint64_t));
 
 	CKINT(pkcs7_maclious_gen_certs(ws, 0));
 	CKINT(pkcs7_maclious_gen_msg(ws));
@@ -368,7 +366,7 @@ static int pkcs7_maclious_certs2(void)
 
 out:
 	pkcs7_malicious_clear(ws);
-	LC_RELEASE_MEM(ws);
+	__LC_RELEASE_MEM_HEAP(ws);
 	return ret;
 }
 
@@ -378,7 +376,7 @@ static int pkcs7_maclious_certs2(void)
 static int pkcs7_maclious_certs1(void)
 {
 	int ret = 0;
-	LC_DECLARE_MEM(ws, struct workspace, sizeof(uint64_t));
+	__LC_DECLARE_MEM_HEAP(ws, struct workspace, sizeof(uint64_t));
 
 	CKINT(pkcs7_maclious_gen_certs(ws, 0));
 	CKINT(pkcs7_maclious_gen_msg(ws));
@@ -388,7 +386,7 @@ static int pkcs7_maclious_certs1(void)
 
 out:
 	pkcs7_malicious_clear(ws);
-	LC_RELEASE_MEM(ws);
+	__LC_RELEASE_MEM_HEAP(ws);
 	return ret;
 }
 
@@ -400,7 +398,7 @@ static int pkcs7_maclious_certs1(void)
 static int pkcs7_maclious_certs0(void)
 {
 	int ret = 0;
-	LC_DECLARE_MEM(ws, struct workspace, sizeof(uint64_t));
+	__LC_DECLARE_MEM_HEAP(ws, struct workspace, sizeof(uint64_t));
 
 	CKINT(pkcs7_maclious_gen_certs(ws, 0));
 	CKINT(pkcs7_maclious_gen_msg(ws));
@@ -414,7 +412,7 @@ static int pkcs7_maclious_certs0(void)
 
 out:
 	pkcs7_malicious_clear(ws);
-	LC_RELEASE_MEM(ws);
+	__LC_RELEASE_MEM_HEAP(ws);
 	return ret;
 }