open-quantum-safe / liboqs / 25922138360
82%

DEFAULT BRANCH: main
Ran
Jobs 3
Files 2877
Run time 7min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 82.263% (-0.004%) from 82.267%
25922138360

push

github

web-flow 
Merge commit from fork

The XMSS and XMSS^MT verify wrappers validate signature_len against the
declared algorithm's compile-time signature length (added in ef70dea for
CVE-2026-44518) but did not validate that the OID encoded in the public
key matches the declared algorithm. A caller passing a correctly-sized
signature buffer together with a public key whose first four bytes
reference a different XMSS parameter set caused xmss_sign_open to
re-parse the OID from the pk and construct a params struct whose
sig_bytes exceeded the caller's signature buffer. xmssmt_core_sign_open
then discarded the caller-supplied smlen and read past the end of the
buffer at xmss_commons.c:194 (heap OOB read of up to params->sig_bytes

prefix_length bytes).
Add an OID consistency check at the per-variant wrapper: decode
pk[0..3] as a big-endian OID and reject the call if it does not equal
the variant's compile-time OID constant. This rejects malformed input
at the API boundary, before any code that derives buffer offsets from
attacker-influenced OID bytes runs.

Extend tests/test_sig_stfl.c::test_invalid_sig with a second sub-case
that mirrors the GHSA reporter's PoC: correctly-sized signature buffer
for XMSS-SHA2_10_256 together with pk[3]=0x02 (the OID of
XMSS-SHA2_16_256, whose sig_bytes is larger). Under ASan the pre-fix
code aborts with the expected heap-buffer-overflow READ of 128 bytes
in xmssmt_core_sign_open; with the fix the wrapper returns OQS_ERROR
cleanly.

Reported-by: Vishnu2707

Signed-off-by: Douglas Stebila <dstebila@uwaterloo.ca>

207970 of 252811 relevant lines covered (82.26%)

8255053.34 hits per line

Coverage Regressions

Lines Coverage File
2
61.9
 -0.45% src/sig/ml_dsa/mldsa-native_ml-dsa-65_aarch64/mldsa/src/sign.c
2
61.9
 -0.45% src/sig/ml_dsa/mldsa-native_ml-dsa-65_x86_64/mldsa/src/sign.c
2
61.99
 -0.45% src/sig/ml_dsa/mldsa-native_ml-dsa-87_aarch64/mldsa/src/sign.c
1
97.96
 -2.04% src/kem/classic_mceliece/pqclean_mceliece460896_avx2/encrypt.c
1
95.53
 -0.09% src/sig/falcon/pqclean_falcon-512_avx2/keygen.c
1
33.33
 -4.17% src/sig/ml_dsa/mldsa-native_ml-dsa-44_x86_64/mldsa/src/rounding.h
1
33.33
 -4.17% src/sig/ml_dsa/mldsa-native_ml-dsa-65_aarch64/mldsa/src/rounding.h
1
95.83
 -4.17% src/sig/ml_dsa/mldsa-native_ml-dsa-87_ref/mldsa/src/rounding.h
1
94.44
 -1.85% src/sig/uov/pqov_ov_Ip_pkc_avx2/ov.c
1
94.44
 -1.85% src/sig/uov/pqov_ov_Is_pkc_avx2/ov.c
1
94.44
 -1.85% src/sig/uov/pqov_ov_Is_pkc_ref/ov.c
Jobs
ID Job ID Ran Files Coverage
1 x64-generic - 25922138360.1 1259
85.36
 GitHub Action Run
2 arm64-distbuild - 25922138360.2 1789
60.31
 GitHub Action Run
3 x64-distbuild - 25922138360.3 2346
56.5
 GitHub Action Run
Source Files on build 25922138360