Skip to content

Fix GetObjectId bounds in PKCS12 ContentInfo parsing#10233

Closed
TristanInSec wants to merge 1 commit intowolfSSL:masterfrom
TristanInSec:fix-pkcs12-getobjectid-bounds
Closed

Fix GetObjectId bounds in PKCS12 ContentInfo parsing#10233
TristanInSec wants to merge 1 commit intowolfSSL:masterfrom
TristanInSec:fix-pkcs12-getobjectid-bounds

Conversation

@TristanInSec
Copy link
Copy Markdown

@TristanInSec TristanInSec commented Apr 15, 2026

Summary

  • Bound GetObjectId() by the ContentInfo SEQUENCE end (curIdx + curSz) instead of the full buffer size ((word32)size)
  • This prevents the OID TLV from being parsed past the SEQUENCE boundary in the first place, complementing the post-check added in PR Fix GetSafeContent to check length #10018

Context

PR #10018 added a post-check that catches when GetObjectId() advances localIdx past the ContentInfo SEQUENCE boundary. However, GetObjectId() itself still receives the full buffer size as maxIdx, so it parses the OID TLV beyond the SEQUENCE boundary before the post-check rejects it.

This change bounds GetObjectId() at the source, so it rejects an oversized OID immediately during parsing rather than after the fact. The post-check from #10018 remains as defense-in-depth.

Test plan

  • Existing test_wc_d2i_PKCS12_oid_underflow test (added in Fix GetSafeContent to check length #10018) covers this path
  • Crafted PKCS12 with OID extending past SEQUENCE boundary is rejected with ASN_PARSE_E (now by GetObjectId directly, rather than the post-check)

@TristanInSec
Fix GetObjectId bounds in PKCS12 ContentInfo parsing
72b26be 
Bound GetObjectId() by the ContentInfo SEQUENCE end
(curIdx + curSz) instead of the full buffer size. This
prevents the OID TLV from being parsed past the SEQUENCE
boundary in the first place, complementing the post-check
added in PR wolfSSL#10018.

Previously, GetObjectId received (word32)size as maxIdx,
allowing it to read OID data beyond the ContentInfo SEQUENCE.
The post-check then caught this after the fact. With this
change, GetObjectId itself rejects an OID that would exceed
the SEQUENCE, so the over-read never occurs.
@wolfSSL-Bot
Copy link
Copy Markdown

wolfSSL-Bot commented Apr 15, 2026

Can one of the admins verify this patch?

@dgarske
Copy link
Copy Markdown
Member

dgarske commented Apr 16, 2026

Hi @TristanInSec , I don’t see you setup as a contributor. Can you tell us more about yourself and your project? If you’d like to start the process for getting on file with a signed contributor agreement please email support at wolfssl dot com.
Thanks, David Garske, wolfSSL

@anhu
Copy link
Copy Markdown
Member

anhu commented Apr 16, 2026

@dgarske , have a look at ZD 21641 .

@TristanInSec
Copy link
Copy Markdown
Author

TristanInSec commented Apr 30, 2026

Hi @dgarske, I'm an independent security researcher. I identified this bounds issue while reviewing PKCS12 parsing code and wanted to contribute the fix. I'd be happy to sign the contributor agreement. Could you share the process or a link to get started?

@dgarske dgarske requested a review from rlm2002 April 30, 2026 19:09
@rlm2002 rlm2002 mentioned this pull request May 1, 2026
Open
4 tasks
@dgarske
Copy link
Copy Markdown
Member

dgarske commented May 1, 2026

Closing in favor of #10378
Thank you @TristanInSec
If you have any larger contributions we'll start that process, which is getting you a form that you need to sign and return via our support email

@dgarske dgarske closed this May 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rlm2002 rlm2002 Awaiting requested review from rlm2002

Assignees

@wolfSSL-Bot wolfSSL-Bot

@rlm2002 rlm2002

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@TristanInSec @wolfSSL-Bot @dgarske @anhu @rlm2002