diff options
| -rw-r--r-- | epan/dissectors/packet-coap.h | 2 | ||||
| -rw-r--r-- | epan/dissectors/packet-oscore.c | 10 |
2 files changed, 9 insertions, 3 deletions
diff --git a/epan/dissectors/packet-coap.h b/epan/dissectors/packet-coap.h index 2842de74aa..54805b9d51 100644 --- a/epan/dissectors/packet-coap.h +++ b/epan/dissectors/packet-coap.h @@ -289,7 +289,7 @@ coap_common_dissect_t name = { \ NULL, HFILL } \ }, \ { & name .hf.opt_object_security_kid_context, \ - { "Partial IV", prefix ".opt.object_security_kid_context", \ + { "Key ID Context", prefix ".opt.object_security_kid_context", \ FT_BYTES, BASE_NONE, NULL, 0x00, \ NULL, HFILL } \ }, \ diff --git a/epan/dissectors/packet-oscore.c b/epan/dissectors/packet-oscore.c index 019fc34448..892694ab1b 100644 --- a/epan/dissectors/packet-oscore.c +++ b/epan/dissectors/packet-oscore.c @@ -93,11 +93,13 @@ UAT_VS_DEF(oscore_context_uat, algorithm, oscore_context_t, cose_aead_alg_t, COS #define OSCORE_PIV_MAX_LEN 5 /* upper bound specified in the draft */ #define OSCORE_KID_MAX_LEN_CCM_STAR 7 /* upper bound on KID for AES-CCM-16-64-128 (CCM*) */ #define OSCORE_KID_MAX_LEN OSCORE_KID_MAX_LEN_CCM_STAR /* upper bound on KID coming from the default algorithm implemented */ +#define OSCORE_KID_CONTEXT_MAX_LEN 64 /* Helper macros to correctly size the statically allocated buffers and verify if an overflow occured */ #define OSCORE_INFO_MAX_LEN (1 + /* max return of cborencoder_put_array() */ \ 2 + OSCORE_KID_MAX_LEN + /* max 2 to encode length, KID following */ \ + 2 + OSCORE_KID_CONTEXT_MAX_LEN + /* length + KID CONTEXT */ \ 2 + /* max return of cborencoder_put_unsigned() */ \ 2 + 3 + /* max 2 to encode length, "Key" following */ \ 2 /* max return of cborencoder_put_unsigned() */ ) @@ -217,14 +219,18 @@ static gboolean oscore_context_update_cb(void *r, char **err) { return FALSE; } - /* No max length check on ID Context. We use GByteArray to allocate memory - * and pass it to the context derivation routine */ if (hex_str_to_bytes(rec->id_context_prefs, bytes, FALSE) == FALSE) { *err = g_strdup("ID Context is invalid."); g_byte_array_free(bytes, TRUE); return FALSE; } + if (bytes->len > OSCORE_KID_CONTEXT_MAX_LEN) { + *err = g_strdup_printf("Should be %u bytes or less.", OSCORE_KID_CONTEXT_MAX_LEN); + g_byte_array_free(bytes, TRUE); + return FALSE; + } + if (hex_str_to_bytes(rec->master_secret_prefs, bytes, FALSE) == FALSE) { *err = g_strdup("Master Secret is invalid."); g_byte_array_free(bytes, TRUE); |