chaps: Police invalid attribute length
The value (CK_ULONG)-1 is used on C_GetAttributeValue to indicate
an error for a particular attribute; as such, this value survives
serialization (in attributes.cc).
However, if an incorrect application turns around and uses this
length value for an attribute on a call to C_SetAttributeValue,
we need to ensure that this doesn't crash chapsd.
In particular, watch out for this specific error value in
ObjectImpl::SetAttributes(); other erroneously-huge values
will only cause problems client-side (because the serialization
will fail).
BUG=None
TEST=Chaps unit tests (with ASAN) plus PKCS11 tests
Change-Id: If9d1eb4fa66591691039efaaa7333ddbd3abdeac
Reviewed-on: https://chromium-review.googlesource.com/227580
Reviewed-by: Darren Krahn <dkrahn@chromium.org>
Commit-Queue: David Drysdale <drysdale@google.com>
Tested-by: David Drysdale <drysdale@google.com>
2 files changed
