Fenrir fixes

src/crypto/clu_evp_crypto.c

@@ -88,31 +88,36 @@ int wolfCLU_evp_crypto(const WOLFSSL_EVP_CIPHER* cphr, char* mode, byte* pwdKey,
         in = wolfSSL_BIO_new_file(fileIn, "rb");
         if (in != NULL && !enc && isBase64) {
             word32 decodeSz;
+            int bioSz;
 
-            decodeSz = wolfSSL_BIO_get_len(in);
-            decodedBase64 = (byte*)XMALLOC(decodeSz, HEAP_HINT,
-                    DYNAMIC_TYPE_TMP_BUFFER);
-            if (decodedBase64 == NULL) {
+            if ((bioSz = wolfSSL_BIO_get_len(in)) <= 0) {
                 ret = WOLFCLU_FATAL_ERROR;
             }
             else {
-                if (wolfSSL_BIO_read(in, decodedBase64, decodeSz) !=
-                        (int)decodeSz) {
+                decodeSz = (word32)bioSz;
+                decodedBase64 = (byte*)XMALLOC(bioSz, HEAP_HINT,
+                        DYNAMIC_TYPE_TMP_BUFFER);
+                if (decodedBase64 == NULL) {
                     ret = WOLFCLU_FATAL_ERROR;
                 }
+                else {
+                    if (wolfSSL_BIO_read(in, decodedBase64, bioSz) !=
+                            bioSz) {
+                        ret = WOLFCLU_FATAL_ERROR;
+                    }
 
-                if (ret == WOLFCLU_SUCCESS &&
-                        Base64_Decode(decodedBase64, decodeSz,
-                            decodedBase64, &decodeSz) != 0) {
-                    ret = WOLFCLU_FATAL_ERROR;
-                }
+                    if (ret == WOLFCLU_SUCCESS &&
+                            Base64_Decode(decodedBase64, bioSz,
+                                decodedBase64, &decodeSz) != 0) {
+                        ret = WOLFCLU_FATAL_ERROR;
+                    }
 
-                if (ret == WOLFCLU_SUCCESS) {
-                    wolfSSL_BIO_free(in);
-                    in = wolfSSL_BIO_new_mem_buf(decodedBase64, decodeSz);
+                    if (ret == WOLFCLU_SUCCESS) {
+                        wolfSSL_BIO_free(in);
+                        in = wolfSSL_BIO_new_mem_buf(decodedBase64, decodeSz);
+                    }
                 }
             }
-
         }
     }
     else {

src/dh/clu_dh.c

@@ -478,7 +478,7 @@ int wolfCLU_DhParamSetup(int argc, char** argv)
     if (ret == WOLFCLU_SUCCESS && bioIn != NULL) {
         DerBuffer* pDer = NULL;
         byte* in = NULL;
-        word32 inSz = 0;
+        long inSz = 0;
         word32 idx  = 0;
 
         inSz = wolfSSL_BIO_get_len(bioIn);
@@ -489,7 +489,7 @@ int wolfCLU_DhParamSetup(int argc, char** argv)
             }
 
             if (ret == WOLFCLU_SUCCESS &&
-                    wolfSSL_BIO_read(bioIn, in, inSz) <= 0) {
+                    wolfSSL_BIO_read(bioIn, in, (int)inSz) <= 0) {
                 ret = WOLFCLU_FATAL_ERROR;
             }
 
@@ -510,7 +510,7 @@ int wolfCLU_DhParamSetup(int argc, char** argv)
             }
 
             if (ret == WOLFCLU_SUCCESS &&
-                    wc_DhKeyDecode(in, &idx, &dh, inSz) != 0) {
+                    wc_DhKeyDecode(in, &idx, &dh, (int)inSz) != 0) {
                 wolfCLU_LogError("Unable to decode input params");
                 ret = WOLFCLU_FATAL_ERROR;
             }

src/ocsp/clu_ocsp.c

@@ -395,7 +395,7 @@ static int ocspClient(OcspClientConfig* config)
 typedef struct IndexEntry {
     char status;
     time_t revocationTime;
-    char serial[64];
+    char serial[65];
     struct IndexEntry* next;
 } IndexEntry;
 
@@ -466,7 +466,14 @@ static IndexEntry* parseIndexFile(const char* filename)
                     }
                     break;
                 case 3: /* Serial (hex) */
+                    if (XSTRLEN(field) > sizeof(entry->serial)-1) {
+                        wolfCLU_LogError("Field %s too long to fit in entry "
+                                "with max size %lu", field,
+                                (unsigned long)(sizeof(entry->serial)-1));
+                        break;
+                    }
                     XSTRNCPY(entry->serial, field, sizeof(entry->serial) - 1);
+                    entry->serial[sizeof(entry->serial) - 1] = '\0';
                     break;
             }
             fieldNum++;
@@ -478,7 +485,7 @@ static IndexEntry* parseIndexFile(const char* filename)
             entry = NULL;
             continue;
         }
-        
+
         /* For revoked certificates, revocationTime must be valid */
         if (entry->status == 'R' && entry->revocationTime == (time_t)-1) {
             wolfCLU_LogError("Invalid revocation time for serial %s", entry->serial);

src/sign-verify/clu_dgst_setup.c

@@ -19,6 +19,7 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
 
+#include "wolfclu/clu_error_codes.h"
 #include <wolfclu/clu_header_main.h>
 #include <wolfclu/clu_log.h>
 #include <wolfclu/clu_optargs.h>
@@ -202,7 +203,7 @@ int wolfCLU_dgst_setup(int argc, char** argv)
 
     opterr = 0; /* do not display unrecognized options */
     optind = 0; /* start at indent 0 */
-    while ((option = wolfCLU_GetOpt(argc, argv, "",
+    while (ret == WOLFCLU_SUCCESS && (option = wolfCLU_GetOpt(argc-1, argv, "",
                    dgst_options, &longIndex )) != -1) {
 
         switch (option) {
@@ -273,6 +274,16 @@ int wolfCLU_dgst_setup(int argc, char** argv)
         }
     }
 
+    /* Detect malformed arguments: if the trailing positional data file was
+     * instead consumed as the value of a required-argument option, optarg will
+     * string-match argv[argc-1]. The argc >= 2 guard keeps the argv[argc-2]
+     * access in bounds. */
+    if (argc >= 2 && optarg != NULL && XSTRCMP(optarg, argv[argc-1]) == 0) {
+        wolfCLU_LogError("Malformed arguments last argument read as value for "
+                "%s", argv[argc-2]);
+        ret = WOLFCLU_FATAL_ERROR;
+    }
+
     if (ret == WOLFCLU_SUCCESS) {
         if (dataBio == NULL || sigFile == NULL) {
             wolfCLU_LogError("error with reading signature or data");