From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 2 Mar 2020 16:37:54 +0000 (+0100)
Subject: pubkey-speed: Add sanity check for the number of rounds
X-Git-Tag: 5.8.3rc1~13
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e1cc6679207f73f46a0f689fbc64a15b0c1dbe51;p=thirdparty%2Fstrongswan.git

pubkey-speed: Add sanity check for the number of rounds

The allocated buffer for the signatures is based on this, which LGTM
doesn't like.
---

diff --git a/scripts/pubkey_speed.c b/scripts/pubkey_speed.c
index 83ab4e41b0..21e4d2c1ef 100644
--- a/scripts/pubkey_speed.c
+++ b/scripts/pubkey_speed.c
@@ -56,6 +56,10 @@ int main(int argc, char *argv[])
 	}
 
 	rounds = atoi(argv[3]);
+	if (rounds < 0 || rounds > (2^26))
+	{	/* arbitrary limit to the number of chunk_t/sigs that fit into 1 GiB */
+		usage();
+	}
 
 	if (streq(argv[2], "rsa"))
 	{