Skip empty/invalid records/certs in MacOS keychain files - zig - fork of https://codeberg.org/ziglang/zig

commit 0779e847f79851419dfeb39595b1817ce72ea9fa (tree)
parent d2e70ef84a912947f6485f6fc480030c2d6a8c8f
Author: Ryan Liptak <squeek502@hotmail.com>
Date:   Mon, 17 Feb 2025 16:18:33 -0800

Skip empty/invalid records/certs in MacOS keychain files

In the original PR that implemented this (https://github.com/ziglang/zig/pull/14325), it included a list of references for the keychain format. Multiple of those references include the checks that are added in this commit, and empirically this fixes the loading of a real keychain file that was previously failing (it had both a record with offset 0 and a record with cert_size 0).

Fixes #22870

Diffstat:
M lib/std/crypto/Certificate/Bundle/macos.zig  | 6 ++++++

1 file changed, 6 insertions(+), 0 deletions(-)
diff --git a/lib/std/crypto/Certificate/Bundle/macos.zig b/lib/std/crypto/Certificate/Bundle/macos.zig
@@ -61,10 +61,16 @@ pub fn rescanMac(cb: *Bundle, gpa: Allocator) RescanMacError!void {
             }
 
             for (record_list) |record_offset| {
+                // An offset of zero means that the record is not present.
+                // An offset that is not 4-byte-aligned is invalid.
+                if (record_offset == 0 or record_offset % 4 != 0) continue;
+
                 try stream.seekTo(db_header.schema_offset + table_offset + record_offset);
 
                 const cert_header = try reader.readStructEndian(X509CertHeader, .big);
 
+                if (cert_header.cert_size == 0) continue;
+
                 try cb.bytes.ensureUnusedCapacity(gpa, cert_header.cert_size);
 
                 const cert_start = @as(u32, @intCast(cb.bytes.items.len));

	zig fork of https://codeberg.org/ziglang/zig
	Log \| Files \| Refs \| README \| LICENSE