Add bounds checks for MP integer size in SizeASN_Items by anhu · Pull Request #10051 · wolfSSL/wolfssl

anhu · 2026-03-23T20:18:45Z

Fixes ZD 21401

dgarske · 2026-03-24T15:50:12Z

Jenkins retest this please -history lost

anhu · 2026-03-25T19:26:31Z

Jenkins retest this please.

Unable to get pull request trigger.

anhu · 2026-03-25T23:59:29Z

Jenkins retest this please

Build was aborted

anhu · 2026-03-26T00:33:50Z

jenkins retest this please

remote hung up.

anhu · 2026-03-26T12:12:21Z

jenkins retest this please

ABORTED

anhu · 2026-03-27T05:28:50Z

jenkins retest this please.

anhu · 2026-03-27T22:26:27Z

Jenkins retest this please.

anhu · 2026-03-30T18:31:19Z

Jenkins retest this please.

anhu · 2026-04-01T18:29:03Z

jenkins retest this please

Not found.

anhu · 2026-04-01T21:08:02Z

Jenkins retest this please.

anhu · 2026-04-08T21:51:53Z

jenkins retest this please.

anhu · 2026-04-08T23:51:58Z

jenkins retest this please.

dgarske

🐺 Skoll Code Review

Overall recommendation: APPROVE
Findings: 3 total — 3 posted, 0 skipped

Posted findings

[Medium] SetASN_Items MP path lacks matching bounds checks — wolfcrypt/src/asn.c:1097-1099
[Medium] Test only covers USE_INTEGER_HEAP_MATH; tfm.c has same overflow pattern — tests/api/test_rsa.c:1161-1163
[Low] Unused variable derRet could use (void) cast or direct use in Expect — tests/api/test_rsa.c:1254-1255

Review generated by Skoll via openclaw

anhu · 2026-04-10T17:19:11Z

jenkins retest this please

github-actions · 2026-04-15T22:39:38Z

MemBrowse Memory Report

No memory changes detected for:

gcc-arm-cortex-m4- gcc-arm-cortex-m4-baremetal- gcc-arm-cortex-m4-min-ecc- gcc-arm-cortex-m4-tls12

anhu · 2026-04-17T13:35:33Z

jenkins retest this please

anhu · 2026-04-27T20:12:29Z

Jenkins retest this please

anhu · 2026-04-29T14:56:12Z

Good to go. @wolfSSL-Bot , please sqash and merge at will.

anhu requested a review from wolfSSL-Bot March 23, 2026 20:18

anhu self-assigned this Mar 23, 2026

anhu added the Not For This Release Not for release 5.9.2 label Apr 1, 2026

anhu removed the Not For This Release Not for release 5.9.2 label Apr 8, 2026

SparkiDev reviewed Apr 9, 2026

View reviewed changes

Comment thread tests/api/test_rsa.c Outdated

anhu force-pushed the mp_int_bounds branch from 5bbce8a to 1358fa4 Compare April 9, 2026 18:12

dgarske reviewed Apr 9, 2026

View reviewed changes

Comment thread wolfcrypt/src/asn.c

Comment thread tests/api/test_rsa.c

Comment thread tests/api/test_rsa.c

anhu added 2 commits April 10, 2026 11:17

Add bounds checks for MP integer size in SizeASN_Items

599d02e

test improvement

573ff92

anhu force-pushed the mp_int_bounds branch from 1358fa4 to 573ff92 Compare April 10, 2026 15:23

anhu added 2 commits April 10, 2026 14:27

better gating.

6377ed0

gate out fast math

92bccf1

anhu assigned wolfSSL-Bot and unassigned anhu Apr 27, 2026

douzzer approved these changes May 1, 2026

View reviewed changes

douzzer merged commit 7b53303 into wolfSSL:master May 1, 2026
435 checks passed

Uh oh!

Conversation

anhu commented Mar 23, 2026

Uh oh!

dgarske commented Mar 24, 2026

Uh oh!

anhu commented Mar 25, 2026

Uh oh!

anhu commented Mar 25, 2026

Uh oh!

anhu commented Mar 26, 2026

Uh oh!

anhu commented Mar 26, 2026

Uh oh!

anhu commented Mar 27, 2026

Uh oh!

anhu commented Mar 27, 2026

Uh oh!

anhu commented Mar 30, 2026

Uh oh!

anhu commented Apr 1, 2026

Uh oh!

anhu commented Apr 1, 2026

Uh oh!

anhu commented Apr 8, 2026

Uh oh!

anhu commented Apr 8, 2026

Uh oh!

Uh oh!

dgarske left a comment

Choose a reason for hiding this comment

🐺 Skoll Code Review

Posted findings

Uh oh!

Uh oh!

Uh oh!

Uh oh!

anhu commented Apr 10, 2026

Uh oh!

github-actions Bot commented Apr 15, 2026

MemBrowse Memory Report

Uh oh!

anhu commented Apr 17, 2026

Uh oh!

anhu commented Apr 27, 2026

Uh oh!

anhu commented Apr 29, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

anhu commented Apr 29, 2026 •

edited

Loading