Skip to content
This repository was archived by the owner on May 9, 2023. It is now read-only.
This repository was archived by the owner on May 9, 2023. It is now read-only.

Verification of requested access condition in the metadata causes array out of bound #3

Open
Open
Verification of requested access condition in the metadata causes array out of bound#3
Assignees
ayushev
@gilatoes

Description

@gilatoes
gilatoes
opened on Sep 30, 2018

Using XMC2Go and the latest OPTIGA Trust X library, assert (shown in italic) is added and triggered. The bTagLocation variable returns from IntLib_GetTagPos() can be a value larger than the available array size causing the system to crash.

static int32_t IntLib_VerifyAC(eMetaDataTag_d PeMetaDataTag, sACVector_d *PpsACVal)
{.....
//get tag position of lcsO and read lcsO.
//LCO may not be found for all object.It is not an error
i4Status = IntLib_GetTagPos(PpsACVal->psMetaData->prgbStream,(uint8_t)eLCSO,&bTagLocation);
if(INT_LIB_OK == i4Status)
{
if(LENGTH_METADATA<=(bTagLocation+2)){
i4Status = (int32_t)INT_LIB_ERROR;
Serial.println("Assert: Array out of bound!");
Serial.println(bTagLocation,HEX);
break;
}
//get the LcsO value from TLV
PpsACVal->bLcsO = (PpsACVal->psMetaData->prgbStream)[bTagLocation+2];
.......

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions