commit 6486773583b5983af8250a47cf07eca938e0e422
author Matej Zachar <zachar.matej@gmail.com> Fri Nov 29 10:01:13 2024 +0100
committer Jerome Forissier <jerome@forissier.org> Fri Nov 29 17:32:41 2024 +0100
tree 028daf5bdc2f50db98fe27c02426478901909510
parent 0a22c22a65cf6f18dc42175ac4455934dcc32e84

libckteec: Validate EdDSA mechanism parameter length

This fixes Segmentation fault when no parameter is provided
as specified in pkcs11 v3.0 spec for Ed25519 Signature Scheme

Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Matej Zachar <zachar.matej@gmail.com>

libckteec/src/serialize_ck.c

diff --git a/libckteec/src/serialize_ck.c b/libckteec/src/serialize_ck.c
index f4e7c32..f8b5bf9 100644
--- a/libckteec/src/serialize_ck.c
+++ b/libckteec/src/serialize_ck.c
@@ -674,6 +674,23 @@
 {
 	CK_RV rv = CKR_GENERAL_ERROR;
 	CK_EDDSA_PARAMS *params = mecha->pParameter;
+	CK_ULONG params_len = mecha->ulParameterLen;
+	/*
+	 * When no parameter is provided, the expected operation is
+	 * no-prehash and no-context.
+	 */
+	CK_EDDSA_PARAMS default_params = {
+		.phFlag = 0,
+		.ulContextDataLen = 0,
+	};
+
+	if (params_len == 0) {
+		params = &default_params;
+		params_len = sizeof(*params);
+	}
+
+	if (params_len != sizeof(*params))
+		return CKR_ARGUMENTS_BAD;
 
 	rv = serialize_32b(obj, obj->type);
 	if (rv)