add NULL validation to wolfCrypt APIs

JeremiahM37 · JeremiahM37 · commit 6596419cb0b8 · 2026-04-20T17:20:54.000Z
diff --git a/wolfcrypt/src/camellia.c b/wolfcrypt/src/camellia.c
@@ -1521,7 +1521,7 @@ int wc_CamelliaSetKey(wc_Camellia* cam, const byte* key, word32 len, const byte*
 {
     int ret = 0;
 
-    if (cam == NULL) return BAD_FUNC_ARG;
+    if (cam == NULL || key == NULL) return BAD_FUNC_ARG;
 
     XMEMSET(cam->key, 0, WC_CAMELLIA_TABLE_BYTE_LEN);
 
diff --git a/wolfcrypt/src/compress.c b/wolfcrypt/src/compress.c
@@ -81,6 +81,9 @@ int wc_Compress_ex(byte* out, word32 outSz, const byte* in, word32 inSz,
     z_stream stream;
     int result = 0;
 
+    if (out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
     stream.next_in = (Bytef*)in;
     stream.avail_in = (uInt)inSz;
 #ifdef MAXSEG_64K
@@ -149,6 +152,9 @@ int wc_DeCompress_ex(byte* out, word32 outSz, const byte* in, word32 inSz,
     z_stream stream;
     int result = 0;
 
+    if (out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
     stream.next_in = (Bytef*)in;
     stream.avail_in = (uInt)inSz;
     /* Check for source > 64K on 16-bit machine: */
diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c
@@ -1395,7 +1395,7 @@ int  wc_HmacInit_Id(Hmac* hmac, unsigned char* id, int len, void* heap,
 
     if (ret == 0)
         ret = wc_HmacInit(hmac, heap, devId);
-    if (ret == 0) {
+    if (ret == 0 && id != NULL && len != 0) {
         XMEMCPY(hmac->id, id, (size_t)len);
         hmac->idLen = len;
     }
diff --git a/wolfcrypt/src/wc_lms.c b/wolfcrypt/src/wc_lms.c
@@ -1159,7 +1159,8 @@ int wc_LmsKey_ExportPubRaw(const LmsKey* key, byte* out, word32* outLen)
     int ret = 0;
 
     /* Validate parameters. */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
+    if ((key == NULL) || (out == NULL) || (outLen == NULL) ||
+            (key->params == NULL)) {
         ret = BAD_FUNC_ARG;
     }
     /* Check size of out is sufficient. */

Original file line number	Diff line number	Diff line change
`@@ -1521,7 +1521,7 @@ int wc_CamelliaSetKey(wc_Camellia* cam, const byte* key, word32 len, const byte*`
`1521`	`1521`	`{`
`1522`	`1522`	`int ret = 0;`
`1523`	`1523`
`1524`		`- if (cam == NULL) return BAD_FUNC_ARG;`
	`1524`	`+ if (cam == NULL \|\| key == NULL) return BAD_FUNC_ARG;`
`1525`	`1525`
`1526`	`1526`	`XMEMSET(cam->key, 0, WC_CAMELLIA_TABLE_BYTE_LEN);`
`1527`	`1527`
Original file line number	Diff line number	Diff line change
`@@ -1395,7 +1395,7 @@ int wc_HmacInit_Id(Hmac* hmac, unsigned char* id, int len, void* heap,`
`1395`	`1395`
`1396`	`1396`	`if (ret == 0)`
`1397`	`1397`	`ret = wc_HmacInit(hmac, heap, devId);`
`1398`		`- if (ret == 0) {`
	`1398`	`+ if (ret == 0 && id != NULL && len != 0) {`
`1399`	`1399`	`XMEMCPY(hmac->id, id, (size_t)len);`
`1400`	`1400`	`hmac->idLen = len;`
`1401`	`1401`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1159,7 +1159,8 @@ int wc_LmsKey_ExportPubRaw(const LmsKey* key, byte* out, word32* outLen)`
`1159`	`1159`	`int ret = 0;`
`1160`	`1160`
`1161`	`1161`	`/* Validate parameters. */`
`1162`		`- if ((key == NULL) \|\| (out == NULL) \|\| (outLen == NULL)) {`
	`1162`	`+ if ((key == NULL) \|\| (out == NULL) \|\| (outLen == NULL) \|\|`
	`1163`	`+ (key->params == NULL)) {`
`1163`	`1164`	`ret = BAD_FUNC_ARG;`
`1164`	`1165`	`}`
`1165`	`1166`	`/* Check size of out is sufficient. */`