Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

hpke: Enforces passing a slice of exact size to UnmarshalBinary for KEM keys #489

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

armfazh
Copy link
Contributor

@armfazh armfazh commented Mar 14, 2024

hpke: Allows passing a larger buffer to UnmarshalBinary for KEM keys.
It checks data passed is in the right boundaries.
Also adds a test showing the issue.

Fixes #488

@armfazh armfazh added the fix-A-bug code that fix a bug label Mar 14, 2024
@armfazh armfazh requested review from bwesterb and Lekensteyn March 14, 2024 00:05
@armfazh armfazh self-assigned this Mar 14, 2024
@bwesterb
Copy link
Member

Why should we accept a buffer that is too large? Wouldn't we miss certain bugs if we do?

@armfazh
Copy link
Contributor Author

armfazh commented Apr 26, 2024

Agree, I have changed the code, so now, it enforces passing a slice of the exact size when unmarshaling keys. Otherwise, it returns an error instead of panic, which is the actual bug reported in #488 .

@armfazh armfazh changed the title hpke: Allows passing a larger buffer to UnmarshalBinary for KEM keys hpke: Enforces passing a slice of exact size to UnmarshalBinary for KEM keys Apr 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
fix-A-bug code that fix a bug
Projects
None yet
Development

Successfully merging this pull request may close these issues.

hpke: slice bounds out of range in shortKEM.UnmarshalBinaryPrivateKey
2 participants