Feedback from Arm: guarantee that output_length <= output_size even o…

…n error, to reduce the risk that a missing error check escalates into a buffer overflow in the application code Signed-off-by: Stephan Koch <[email protected]> Signed-off-by: Dave Rodgman <[email protected]>
Mbed-TLS · Feb 28, 2023 · 6ed1436 · 6ed1436
1 parent 8a23f49
commit 6ed1436
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
@@ -4175,6 +4175,8 @@ void asymmetric_encrypt(int key_type_arg,
     TEST_EQUAL(actual_status, expected_status);
     if (actual_status == PSA_SUCCESS) {
         TEST_EQUAL(output_length, expected_output_length);
+    } else {
+        TEST_LE_U(output_length, output_size);
     }
 
     /* If the label is empty, the test framework puts a non-null pointer
@@ -4192,6 +4194,8 @@ void asymmetric_encrypt(int key_type_arg,
         TEST_EQUAL(actual_status, expected_status);
         if (actual_status == PSA_SUCCESS) {
             TEST_EQUAL(output_length, expected_output_length);
+        } else {
+            TEST_LE_U(output_length, output_size);
         }
     }