Arduino/pico-fido
1
0
Fork 1
mirror of https://github.com/polhenarejos/pico-fido.git synced 2025-12-19 02:48:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add sanity checks.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2024-12-11 21:58:25 +01:00
parent 2eca08161d
commit bbf474811b
1 changed files with 16 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/fido/credential.c
View File

@@ -147,6 +147,10 @@ int credential_load(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *r
int ret = 0; int ret = 0;
CborError error = CborNoError; CborError error = CborNoError;
uint8_t *copy_cred_id = (uint8_t *) calloc(1, cred_id_len); uint8_t *copy_cred_id = (uint8_t *) calloc(1, cred_id_len);
if (!cred) {
CBOR_ERROR(CTAP2_ERR_INVALID_CREDENTIAL);
}
memset(cred, 0, sizeof(Credential));
memcpy(copy_cred_id, cred_id, cred_id_len); memcpy(copy_cred_id, cred_id, cred_id_len);
ret = credential_verify(copy_cred_id, cred_id_len, rp_id_hash); ret = credential_verify(copy_cred_id, cred_id_len, rp_id_hash);
if (ret != 0) { // U2F? if (ret != 0) { // U2F?
@@ -236,6 +240,7 @@ err:
} }
void credential_free(Credential *cred) { void credential_free(Credential *cred) {
if (cred) {
CBOR_FREE_BYTE_STRING(cred->rpId); CBOR_FREE_BYTE_STRING(cred->rpId);
CBOR_FREE_BYTE_STRING(cred->userId); CBOR_FREE_BYTE_STRING(cred->userId);
CBOR_FREE_BYTE_STRING(cred->userName); CBOR_FREE_BYTE_STRING(cred->userName);
@@ -248,6 +253,7 @@ void credential_free(Credential *cred) {
cred->extensions.present = false; cred->extensions.present = false;
cred->opts.present = false; cred->opts.present = false;
} }
}
int credential_store(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id_hash) { int credential_store(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id_hash) {
int sloti = -1; int sloti = -1;