From 9bb6449a1e42a575653bdc514a5432f073070175 Mon Sep 17 00:00:00 2001
From: Leandro Lanzieri
Date: Thu, 17 Mar 2022 09:43:42 +0100
Subject: [PATCH] sys/fido2/ctap: fix parsing validation
---
 sys/fido2/ctap/ctap_cbor.c | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/sys/fido2/ctap/ctap_cbor.c b/sys/fido2/ctap/ctap_cbor.c
index 18d1d86a7b..76966addf7 100644
--- a/sys/fido2/ctap/ctap_cbor.c
+++ b/sys/fido2/ctap/ctap_cbor.c
@@ -819,8 +819,12 @@ int fido2_ctap_cbor_parse_get_assertion_req(ctap_get_assertion_req_t *req,
 CborValue map;
 CborType type;
- ret = cbor_parser_init(req_raw, len, CborValidateCanonicalFormat, &parser,
- &it);
+ ret = cbor_parser_init(req_raw, len, 0, &parser, &it);
+ if (ret != CborNoError) {
+ return CTAP2_ERR_CBOR_PARSING;
+ }
+
+ ret = cbor_value_validate(&it, CborValidateCanonicalFormat);
 if (ret != CborNoError) {
 return CTAP2_ERR_CBOR_PARSING;
 }
@@ -937,8 +941,12 @@ int fido2_ctap_cbor_parse_client_pin_req(ctap_client_pin_req_t *req,
 CborValue it;
 CborValue map;
- ret = cbor_parser_init(req_raw, len, CborValidateCanonicalFormat, &parser,
- &it);
+ ret = cbor_parser_init(req_raw, len, 0, &parser, &it);
+ if (ret != CborNoError) {
+ return CTAP2_ERR_CBOR_PARSING;
+ }
+
+ ret = cbor_value_validate(&it, CborValidateCanonicalFormat);
 if (ret != CborNoError) {
 return CTAP2_ERR_CBOR_PARSING;
 }
@@ -1048,8 +1056,12 @@ int fido2_ctap_cbor_parse_make_credential_req(ctap_make_credential_req_t *req,
 CborValue map;
 CborType type;
- ret = cbor_parser_init(buf, size, CborValidateCanonicalFormat, &parser,
- &it);
+ ret = cbor_parser_init(buf, size, 0, &parser, &it);
+ if (ret != CborNoError) {
+ return CTAP2_ERR_CBOR_PARSING;
+ }
+
+ ret = cbor_value_validate(&it, CborValidateCanonicalFormat);
 if (ret != CborNoError) {
 return CTAP2_ERR_CBOR_PARSING;
 }
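Review bot: The new `cbor_value_validate(&it, CborValidateCanonicalFormat)` call in `fido2_ctap_cbor_parse_get_assertion_req` checks the item at `it` but, as far as I can tell from tinycbor, does not reject bytes that follow the top-level item, because `CborValidateCanonicalFormat` does not include `CborValidateCompleteData`. If nothing later in these parsers confirms that the whole buffer was consumed, consider `ret = cbor_value_validate(&it, CborValidateCanonicalFormat | CborValidateCompleteData);` so a request carrying trailing data fails with `CTAP2_ERR_CBOR_PARSING`. The same applies to the identical sequence in `fido2_ctap_cbor_parse_client_pin_req` and `fido2_ctap_cbor_parse_make_credential_req`; since all three now repeat the init-then-validate steps, a small `static` helper would keep them from drifting apart again. All three function bodies continue outside their hunks, so the later handling is not visible here.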