shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

more strict checks in cbor parsing

Browse Source
This commit is contained in:
Conor Patrick 2020-02-27 15:27:23 -05:00
parent 4fb166631d
commit 5738bcc7a3
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
fido2/ctap_parse.c
View File

@ -666,8 +666,8 @@ uint8_t ctap_parse_extensions(CborValue * val, CTAP_extensions * ext)
if (ret == CborErrorOutOfMemory) if (ret == CborErrorOutOfMemory)
{ {
printf2(TAG_ERR,"Error, rp map key is too large. Ignoring.\n"); printf2(TAG_ERR,"Error, rp map key is too large. Ignoring.\n");
cbor_value_advance(&map); check_ret( cbor_value_advance(&map) );
cbor_value_advance(&map); check_ret( cbor_value_advance(&map) );
continue; continue;
} }
check_ret(ret); check_ret(ret);
@ -1353,11 +1353,21 @@ uint8_t ctap_parse_client_pin(CTAP_clientPin * CP, uint8_t * request, int length
break; break;
case CP_getKeyAgreement: case CP_getKeyAgreement:
printf1(TAG_CP,"CP_getKeyAgreement\n"); printf1(TAG_CP,"CP_getKeyAgreement\n");
if (cbor_value_get_type(&map) != CborBooleanType)
{
printf2(TAG_ERR,"Error, expecting cbor boolean\n");
return CTAP2_ERR_INVALID_CBOR_TYPE;
}
ret = cbor_value_get_boolean(&map, &CP->getKeyAgreement); ret = cbor_value_get_boolean(&map, &CP->getKeyAgreement);
check_ret(ret); check_ret(ret);
break; break;
case CP_getRetries: case CP_getRetries:
printf1(TAG_CP,"CP_getRetries\n"); printf1(TAG_CP,"CP_getRetries\n");
if (cbor_value_get_type(&map) != CborBooleanType)
{
printf2(TAG_ERR,"Error, expecting cbor boolean\n");
return CTAP2_ERR_INVALID_CBOR_TYPE;
}
ret = cbor_value_get_boolean(&map, &CP->getRetries); ret = cbor_value_get_boolean(&map, &CP->getRetries);
check_ret(ret); check_ret(ret);
break; break;