From 6693ea3812c96e8e9f530a9453fef04920541c59 Mon Sep 17 00:00:00 2001 From: Kareem Date: Fri, 3 Apr 2026 16:05:44 -0700 Subject: [PATCH 1/5] Ensure esd->signedAttribsCount contains the correct count in case some are skipped by using the current idx rather than the total array size. Thanks to Zou Dikai for the report. --- wolfcrypt/src/pkcs7.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 62a2b80337..b2c513e98d 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -2252,7 +2252,7 @@ static int wc_PKCS7_BuildSignedAttributes(wc_PKCS7* pkcs7, ESD* esd, idx++; } - esd->signedAttribsCount += cannedAttribsCount; + esd->signedAttribsCount += idx; esd->signedAttribsSz += (word32)EncodeAttributes( &esd->signedAttribs[atrIdx], (int)idx, cannedAttribs, (int)cannedAttribsCount); From c99bc5d49ba1eaa8926ffc670b8c6d7e2411b217 Mon Sep 17 00:00:00 2001 From: Kareem Date: Fri, 3 Apr 2026 16:06:35 -0700 Subject: [PATCH 2/5] In wc_PKCS7_DecodeEnvelopedData, confirm encryptedContentTotalSz does not exceed the total message size before using it in the non-streaming case. Thanks to Zou Dikai for the report. --- wolfcrypt/src/pkcs7.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index b2c513e98d..c9dcacfc3b 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -13223,6 +13223,11 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); } else { + if ((idx + (word32)encryptedContentTotalSz) > pkiMsgSz) { + ret = BUFFER_E; + break; + } + pkcs7->cachedEncryptedContentSz = (word32)encryptedContentTotalSz; pkcs7->totalEncryptedContentSz = From 94955b1ff385fd2df2d41130ba93cb41bd0bb502 Mon Sep 17 00:00:00 2001 From: Kareem Date: Fri, 3 Apr 2026 16:56:04 -0700 Subject: [PATCH 3/5] Code review feedback --- wolfcrypt/src/pkcs7.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index c9dcacfc3b..184984e809 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -2255,7 +2255,7 @@ static int wc_PKCS7_BuildSignedAttributes(wc_PKCS7* pkcs7, ESD* esd, esd->signedAttribsCount += idx; esd->signedAttribsSz += (word32)EncodeAttributes( &esd->signedAttribs[atrIdx], (int)idx, cannedAttribs, - (int)cannedAttribsCount); + (int)idx); atrIdx += idx; } else { esd->signedAttribsCount = 0; @@ -13223,7 +13223,9 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); } else { - if ((idx + (word32)encryptedContentTotalSz) > pkiMsgSz) { + word32 tmpSum; + if (!WC_SAFE_SUM_WORD32(idx, (word32)encryptedContentTotalSz, tmpSum) || + tmpSum > pkiMsgSz) { ret = BUFFER_E; break; } From ee8b6544078f512c11e99db1d449cda0b7725cdd Mon Sep 17 00:00:00 2001 From: Kareem Date: Mon, 6 Apr 2026 11:58:12 -0700 Subject: [PATCH 4/5] Fix unused variable error --- wolfcrypt/src/pkcs7.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 184984e809..4235fe8495 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -2196,7 +2196,6 @@ static int wc_PKCS7_BuildSignedAttributes(wc_PKCS7* pkcs7, ESD* esd, #endif word32 idx = 0; word32 atrIdx = 0; - word32 cannedAttribsCount; if (pkcs7 == NULL || esd == NULL || contentType == NULL || contentTypeOid == NULL || messageDigestOid == NULL || @@ -2219,8 +2218,6 @@ static int wc_PKCS7_BuildSignedAttributes(wc_PKCS7* pkcs7, ESD* esd, return timeSz; #endif - cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib); - XMEMSET(&cannedAttribs[idx], 0, sizeof(cannedAttribs[idx])); if ((pkcs7->defaultSignedAttribs & WOLFSSL_CONTENT_TYPE_ATTRIBUTE) || From 6f6b6e7e3dccc4e813538afa391a47c01c719d84 Mon Sep 17 00:00:00 2001 From: Kareem Date: Mon, 6 Apr 2026 16:41:32 -0700 Subject: [PATCH 5/5] Add additional checks for encryptedContentSz exceeding pkiMsgSz. --- wolfcrypt/src/pkcs7.c | 38 ++++++++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 12 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 4235fe8495..c37f4e5eb4 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -14356,9 +14356,17 @@ int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, } if (ret == 0) { - XMEMCPY(encryptedContent, &pkiMsg[idx], + word32 tmpSum; + if (!WC_SAFE_SUM_WORD32(idx, (word32)encryptedContentSz, + tmpSum) || + tmpSum > pkiMsgSz) { + ret = BUFFER_E; + break; + } else { + XMEMCPY(encryptedContent, &pkiMsg[idx], (word32)encryptedContentSz); - idx += (word32)encryptedContentSz; + idx += (word32)encryptedContentSz; + } } #ifndef NO_PKCS7_STREAM pkcs7->stream->bufferPt = encryptedContent; @@ -15274,16 +15282,22 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz, } if (ret == 0) { - XMEMCPY(encryptedContent, &pkiMsg[idx], - (unsigned int)encryptedContentSz); - idx += (word32)encryptedContentSz; - - /* decrypt encryptedContent */ - ret = wc_PKCS7_DecryptContent(pkcs7, encOID, - pkcs7->encryptionKey, pkcs7->encryptionKeySz, - tmpIv, expBlockSz, NULL, 0, NULL, 0, - encryptedContent, encryptedContentSz, - encryptedContent, pkcs7->devId, pkcs7->heap); + word32 tmpSum; + if (!WC_SAFE_SUM_WORD32(idx, (word32)encryptedContentSz, tmpSum) || + tmpSum > pkiMsgSz) { + ret = BUFFER_E; + } else { + XMEMCPY(encryptedContent, &pkiMsg[idx], + (unsigned int)encryptedContentSz); + idx += (word32)encryptedContentSz; + + /* decrypt encryptedContent */ + ret = wc_PKCS7_DecryptContent(pkcs7, encOID, + pkcs7->encryptionKey, pkcs7->encryptionKeySz, + tmpIv, expBlockSz, NULL, 0, NULL, 0, + encryptedContent, encryptedContentSz, + encryptedContent, pkcs7->devId, pkcs7->heap); + } if (ret != 0) { XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); }