From: slontis Date: Wed, 19 Feb 2025 20:54:54 +0000 (+1100) Subject: SLH-DSA coverity fixes. X-Git-Tag: openssl-3.5.0-alpha1~131 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=92159b48e95b6e96b09d0efb4cb418c3497f5cf0;p=thirdparty%2Fopenssl.git SLH-DSA coverity fixes. Fixes 1643092 and 1643093 Neither of these are major issues, but fixed anyway.. i.e. 1< Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/26835) --- diff --git a/crypto/slh_dsa/slh_dsa.c b/crypto/slh_dsa/slh_dsa.c index c961883537f..a85ca3d4ac2 100644 --- a/crypto/slh_dsa/slh_dsa.c +++ b/crypto/slh_dsa/slh_dsa.c @@ -354,7 +354,7 @@ static int get_tree_ids(PACKET *rpkt, const SLH_DSA_PARAMS *params, * i.e. A & (0xFFFF_FFFF_FFFF_FFFF >> (64 - X)) */ tree_id_mask = (~(uint64_t)0) >> (64 - (params->h - params->hm)); - leaf_id_mask = (1 << params->hm) - 1; /* max value is 0x1FF when hm = 9 */ + leaf_id_mask = ((uint64_t)1 << params->hm) - 1; /* max value is 0x1FF when hm = 9 */ *tree_id = bytes_to_u64_be(tree_id_bytes, tree_id_len) & tree_id_mask; *leaf_id = (uint32_t)(bytes_to_u64_be(leaf_id_bytes, leaf_id_len) & leaf_id_mask); return 1; diff --git a/crypto/slh_dsa/slh_fors.c b/crypto/slh_dsa/slh_fors.c index 49fb67a8628..f3a557739e0 100644 --- a/crypto/slh_dsa/slh_fors.c +++ b/crypto/slh_dsa/slh_fors.c @@ -181,7 +181,8 @@ int ossl_slh_fors_sign(SLH_DSA_HASH_CTX *ctx, const uint8_t *md, return 0; node_id >>= 1; /* Get the parent node id */ tree_offset >>= 1; /* Each layer up has half as many nodes */ - WPACKET_memcpy(sig_wpkt, out, n); + if (!WPACKET_memcpy(sig_wpkt, out, n)) + return 0; } tree_id_times_two_power_a += two_power_a; }