Skip to content

Add bounds check in PKCS7 streaming indefinite-length end-of-content parsing#10039

Open
anhu wants to merge 1 commit intowolfSSL:masterfrom
anhu:pkcs7_oob
Open

Add bounds check in PKCS7 streaming indefinite-length end-of-content parsing#10039
anhu wants to merge 1 commit intowolfSSL:masterfrom
anhu:pkcs7_oob

Conversation

@anhu
Copy link
Member

@anhu anhu commented Mar 21, 2026

Fixes ZD 21399 Finding #1

@anhu anhu requested a review from wolfSSL-Bot March 21, 2026 01:35
@anhu anhu self-assigned this Mar 21, 2026
@anhu
Copy link
Member Author

anhu commented Mar 21, 2026

Jenkins retest this please.

dgarske
dgarske requested changes Mar 21, 2026
View reviewed changes
Copy link
Contributor

@dgarske dgarske left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Clang-tidy: unchecked XFSEEK return values in test_pkcs7.c lines 4878 and 4880 — the PR adds calls like XFSEEK(f, 0, XSEEK_END); and XFSEEK(f, 0, XSEEK_SET); without using the return value, triggering bugprone-unused-return-value. This failed 3 of 4 clang-tidy configurations (PRB-multi-test-script #9983).

Fix: capture and check the return value, e.g.:

if (XFSEEK(f, 0, XSEEK_END) != 0) { /* handle error */ }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dgarske dgarske dgarske requested changes

@wolfSSL-Bot wolfSSL-Bot Awaiting requested review from wolfSSL-Bot

Requested changes must be addressed to merge this pull request.

Assignees

@anhu anhu

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@anhu @dgarske