TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 0b2bd071f8de72e9ce144d47dab32e8e942adda0^! / .
commit0b2bd071f8de72e9ce144d47dab32e8e942adda0[log] [tgz]
authorDavid Horstmann <david.horstmann@arm.com>Wed Aug 21 15:38:44 2024 +0100
committerGilles Peskine <Gilles.Peskine@arm.com>Wed Aug 21 21:49:17 2024 +0200
treef641f26ddafe1157cc9a2d17a675241d3f1324a4
parent68a4b7453f0c57e7b5753b709a2814e219caa806 [diff]
Add overflow check for maximum key slot length

Signed-off-by: David Horstmann <david.horstmann@arm.com>

diff --git a/tf-psa-crypto/core/psa_crypto_slot_management.c b/tf-psa-crypto/core/psa_crypto_slot_management.c
index 7857aad..216e0c2 100644
--- a/tf-psa-crypto/core/psa_crypto_slot_management.c
+++ b/tf-psa-crypto/core/psa_crypto_slot_management.c

@@ -111,6 +111,11 @@
 #error "Slice index does not fit in uint8_t for psa_key_slot_t::slice_index"
 #endif
 
+MBEDTLS_STATIC_ASSERT((KEY_SLOT_VOLATILE_SLICE_BASE_LENGTH
+                       & (SIZE_MAX >> (KEY_SLOT_VOLATILE_SLICE_COUNT - 1)))
+                      == KEY_SLOT_VOLATILE_SLICE_BASE_LENGTH,
+                      "Maximum slice length overflows size_t");
+
 
 /* Calculate the volatile key id to use for a given slot.
  * This function assumes valid parameter values. */