nts: check for negative length in NNA_DecryptAuthEF()

As other functions that accept a signed length, make sure it is sane in NNA_DecryptAuthEF() too.
2020-07-09 13:13:13 +02:00 · 2020-07-09 13:13:13 +02:00 · db54bfc0c1
commit db54bfc0c1
parent 72ee80debe
2 changed files with 7 additions and 0 deletions
--- a/nts_ntp_auth.c
+++ b/nts_ntp_auth.c
@ -128,6 +128,9 @@ NNA_DecryptAuthEF(NTP_Packet *packet, NTP_PacketInfo *info, SIV_Instance siv, in
  void *ef_body;
  struct AuthHeader *header;

+  if (buffer_length < 0)
+    return 0;
+
  if (!NEF_ParseField(packet, info->length, ef_start,
                      NULL, &ef_type, &ef_body, &ef_body_length))
    return 0;
--- a/test/unit/nts_ntp_auth.c
+++ b/test/unit/nts_ntp_auth.c
@ -82,6 +82,10 @@ test_unit(void)
    TEST_CHECK(r);
    TEST_CHECK(info.length - packet_length >= min_ef_length);

+    r = NNA_DecryptAuthEF(&packet, &info, siv, packet_length, plaintext2,
+                          -1, &plaintext2_length);
+    TEST_CHECK(!r);
+
    r = NNA_DecryptAuthEF(&packet, &info, siv, packet_length, plaintext2,
                          sizeof (plaintext2), &plaintext2_length);
    TEST_CHECK(r);