search

aws / aws-lc

AWS-LC is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and their customers. It іs based on code from the Google BoringSSL project and the OpenSSL project.
Other
354 stars 111 forks source link

Fix for BIO_gets and update documentation #1756

Closed smittals2 closed 1 month ago

smittals2 commented 1 month ago

Description of changes:

BIO_gets takes a len/size parameter which is of type int and can be negative. Previously, this param was passed into callback_ex without a check for len being positive. This is an issue since callback_ex defines this size/len param as a size_t var. Passing in a negative number to size_t could lead to unexpected behavior. A similar issue exists in BIO_read and BIO_write

This PR moves the check for len to before calling the callback and updates documentation for BIO_gets, BIO_read, and BIO_write.

codecov-commenter commented 1 month ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 78.42%. Comparing base (697b277) to head (1ec6c34).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #1756 +/- ## ========================================== - Coverage 78.44% 78.42% -0.03% ========================================== Files 580 580 Lines 96779 96779 Branches 13863 13863 ========================================== - Hits 75920 75900 -20 - Misses 20241 20260 +19 - Partials 618 619 +1 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.