Merge pull request #9223 from kareem-wolfssl/zd20543_4

SparkiDev · web-flow · commit e497d28ae1b3 · 2025-09-23T09:09:33.000+10:00
Fix non constant compare of TLS 1.3 binder, check for negative dst_len in wc_XChaCha20Poly1305_crypt_oneshot.
diff --git a/src/tls13.c b/src/tls13.c
@@ -6201,7 +6201,8 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 inputSz,
         if (ret != 0)
             return ret;
         if (binderLen != current->binderLen ||
-                             XMEMCMP(binder, current->binder, binderLen) != 0) {
+                             ConstantCompare(binder, current->binder,
+                                binderLen) != 0) {
             WOLFSSL_ERROR_VERBOSE(BAD_BINDER);
             return BAD_BINDER;
         }
diff --git a/wolfcrypt/src/chacha20_poly1305.c b/wolfcrypt/src/chacha20_poly1305.c
@@ -401,7 +401,7 @@ static WC_INLINE int wc_XChaCha20Poly1305_crypt_oneshot(
         goto out;
     }
 
-    if ((long int)dst_space < dst_len) {
+    if (dst_len <= 0 || (long int)dst_space < dst_len) {
         ret = BUFFER_E;
         goto out;
     }

Original file line number	Diff line number	Diff line change
`@@ -401,7 +401,7 @@ static WC_INLINE int wc_XChaCha20Poly1305_crypt_oneshot(`
`401`	`401`	`goto out;`
`402`	`402`	`}`
`403`	`403`
`404`		`- if ((long int)dst_space < dst_len) {`
	`404`	`+ if (dst_len <= 0 \|\| (long int)dst_space < dst_len) {`
`405`	`405`	`ret = BUFFER_E;`
`406`	`406`	`goto out;`
`407`	`407`	`}`