From: Richard Levitte Date: Sun, 12 Jun 2022 04:03:50 +0000 (+0200) Subject: test/evp_test.c: Check too big output buffer sizes in PKEYKDF tests X-Git-Tag: openssl-3.2.0-alpha1~2530 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f68283c18eaf015e7500e59a6adf3dbb3ee74f59;p=thirdparty%2Fopenssl.git test/evp_test.c: Check too big output buffer sizes in PKEYKDF tests EVP_PKEY_derive() should be able to cope with a too big buffer for fixed size outputs. However, we don't test that. This change modifies the PKEYKDF tests to ask EVP_PKEY_derive() what the desired output buffer size is, and as long as the returned value isn't absurd (indicating that anything goes), the output buffer is made to be twice as big as what is expected. Tests #18517 Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18533) (cherry picked from commit a0587aaeff7391b8cf4ee4c6a233d0f4dca7d62f) --- diff --git a/test/evp_test.c b/test/evp_test.c index 4198787bb95..5d51c47ef5c 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -2897,7 +2897,23 @@ static int pkey_kdf_test_run(EVP_TEST *t) { PKEY_KDF_DATA *expected = t->data; unsigned char *got = NULL; - size_t got_len = expected->output_len; + size_t got_len = 0; + + /* Find out the KDF output size */ + if (EVP_PKEY_derive(expected->ctx, NULL, &got_len) <= 0) { + t->err = "INTERNAL_ERROR"; + goto err; + } + + /* + * We may get an absurd output size, which signals that anything goes. + * If not, we specify a too big buffer for the output, to test that + * EVP_PKEY_derive() can cope with it. + */ + if (got_len == SIZE_MAX || got_len == 0) + got_len = expected->output_len; + else + got_len = expected->output_len * 2; if (!TEST_ptr(got = OPENSSL_malloc(got_len == 0 ? 1 : got_len))) { t->err = "INTERNAL_ERROR";