Security-59306.61.1.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / lib / SecFDERecoveryAsymmetricCrypto.cpp
index 844a1e1ac41c63c98377e8cf76cb1cf886795f9a..187ee9c801fca2b9d275c05c69485f3fea6a3a0a 100644 (file)
@@ -34,7 +34,7 @@
 #include <Security/SecKey.h>
 
 static void encodePrivateKeyHeader(const CssmData &inBlob, CFDataRef certificate, FVPrivateKeyHeader &outHeader);
-static CFDataRef decodePrivateKeyHeader(SecKeychainRef keychainName, const FVPrivateKeyHeader &inHeader);
+static CFDataRef CF_RETURNS_RETAINED decodePrivateKeyHeader(SecKeychainRef keychainName, const FVPrivateKeyHeader &inHeader);
 static void throwIfError(CSSM_RETURN rv);
 
 #pragma mark ----- Public SPI -----
@@ -100,9 +100,13 @@ static void encodePrivateKeyHeader(const CssmData &inBlob, CFDataRef certificate
        passThrough(CSSM_APPLECSP_KEYDIGEST, NULL, &outData);
        CssmData *cssmData = reinterpret_cast<CssmData *>(outData);
        
-       assert(cssmData->Length <= sizeof(outHeader.publicKeyHash));
        outHeader.publicKeyHashSize = (uint32_t)cssmData->Length;
-       memcpy(outHeader.publicKeyHash, cssmData->Data, cssmData->Length);
+       if (outHeader.publicKeyHashSize > sizeof(outHeader.publicKeyHash)) {
+               secinfo("FDERecovery", "encodePrivateKeyHeader: publicKeyHash too big: %d", outHeader.publicKeyHashSize);
+               outHeader.publicKeyHashSize = 0; /* failed to copy hash value */
+       } else {
+               memcpy(outHeader.publicKeyHash, cssmData->Data, outHeader.publicKeyHashSize);
+       }
        fCSP.allocator().free(cssmData->Data);
        fCSP.allocator().free(cssmData);
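Review bot: The new bounds check in encodePrivateKeyHeader runs only after `cssmData->Length` has been narrowed to `uint32_t`, so an oversized length would be judged by its truncated value; the copy stays in bounds either way, but testing `cssmData->Length > sizeof(outHeader.publicKeyHash)` before the assignment would reject on the real length. The failure branch only logs through `secinfo` and stores a hash size of 0, so the function still returns a header and the caller cannot tell that the public key hash is missing. If a header without the hash is not acceptable to whatever consumes it, report the failure after the two `free` calls, for example through the `throwIfError` helper this file already declares. `publicKeyHashSize` is unsigned, so the log format should be `%u` rather than `%d`. The function body starts and ends outside this hunk, so whether `outHeader` is zeroed before this point is not visible here.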