Bug: crash in `handle_output` for AES connections when `data_len` is zero
Opened this issue · 0 comments
gianlu33 commented
For some reason, calling an output of an AES connection passing empty data (i.e., setting data_len
to zero) makes the TA crash.
What I would like to do is something like this:
SM_INPUT(button_pressed, data, data_len) {
DMSG("Remote button has been pressed\n");
// this is an AES connection
OUTPUT(increment_presses, NULL, 0);
}
But this does not work. A workaround to this bug would be to pass fake data to the output like this:
SM_INPUT(button_pressed, data, data_len) {
DMSG("Remote button has been pressed\n");
// temporary: get around a bug
unsigned char fake_data[2] = {1,2};
// toggle LED
OUTPUT(increment_presses, fake_data, 2);
}
However this is not really optimal. I think you should review the AES encryption part in the case where data
is NULL and data_len
is zero.
Also, you should add a check in handle_output
to verify that if data
is NULL then data_len
must be zero. Otherwise you might have some other crashes in other parts of the code.