Untitled
unknown
plain_text
23 days ago
1.7 kB
3
Indexable
Never
int32_t logEncrypt(uint8_t *cipherText, uint32_t cipherTextLen) { int32_t ret = NOT_ERROR, len = 0; uint8_t *pCipherText = cipherText, *plainText = NULL, *pPlainText = NULL; uint32_t plainTextLen = 0; char buf[QUEUE_MAX_SIZE]; AesKeyData keyData; KEY *key = NULL; // Include NULL byte in plainTextLen plainTextLen = getQueueSize() + 1; // Allocate secure memory for plainText if ((plainText = secMemoryManagerMalloc(plainTextLen)) == NULL) return ERR_TA_NOT_ENOUGH_MEMORY; pPlainText = plainText; // Change the condition to use AND (&&) to ensure both are checked while (!isQueueEmpty() && (pPlainText - plainText < plainTextLen - 1)) { memset(buf, 0, sizeof(buf)); ret = dequeueData(buf, sizeof(buf)); // Check if the available space in plainText is sufficient before snprintf uint32_t remainingLen = plainTextLen - (pPlainText - plainText); if (remainingLen <= 0 || remainingLen > plainTextLen) { TEE_LOG("Buffer overflow prevented. Available space: %d", remainingLen); ret = ERR_TA_BUFFER_OVERFLOW; goto cleanup; } // Use snprintf safely with bounds checks len = snprintf((char *)pPlainText, remainingLen, "%s", buf); if (len < 0 || ret != len) { TEE_LOG("Failed to print buffer with error %d.", len); ret = ERR_TA_BUFFER_OVERFLOW; goto cleanup; } // Move pointer after successfully appending data pPlainText += len; } cleanup: if (plainText != NULL) secMemoryManagerFree(plainText); return ret; }
Leave a Comment