From f09eebfaa6a9f533f9fa03b4c920f0c3f35746f3 Mon Sep 17 00:00:00 2001
From: quyawei <quyawei1@huawei.com>
Date: Wed, 14 Sep 2022 17:53:21 +0800
Subject: [PATCH] add length limit for rand generation

Signed-off-by: quyawei <quyawei1@huawei.com>
---
 frameworks/rand/rand.c                 |  2 +-
 test/unittest/src/crypto_rand_test.cpp | 23 +++++++++++++++++++++--
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/frameworks/rand/rand.c b/frameworks/rand/rand.c
index 36ca734..b4a1d97 100644
--- a/frameworks/rand/rand.c
+++ b/frameworks/rand/rand.c
@@ -60,7 +60,7 @@ static HcfRandSpiCreateFunc FindAbility(const char *algoName)
 
 static HcfResult GenerateRandom(HcfRand *self, int32_t numBytes, HcfBlob *random)
 {
-    if ((self == NULL) || (numBytes <= 0) || (random == NULL)) {
+    if ((self == NULL) || (numBytes <= 0) || (numBytes > HCF_MAX_BUFFER_LEN) || (random == NULL)) {
         LOGE("Invalid params!");
         return HCF_INVALID_PARAMS;
     }
diff --git a/test/unittest/src/crypto_rand_test.cpp b/test/unittest/src/crypto_rand_test.cpp
index 53cc0d2..a7fae07 100644
--- a/test/unittest/src/crypto_rand_test.cpp
+++ b/test/unittest/src/crypto_rand_test.cpp
@@ -96,8 +96,8 @@ HWTEST_F(CryptoFrameworkRandTest, CryptoFrameworkRandGenerateTest003, TestSize.L
     ret = (int)HcfRandCreate(&randObj);
     EXPECT_EQ(ret, 0);
     // preset params
-    int32_t randomLen = 1000;
-    uint8_t randomBuf[1000] = {0};
+    int32_t randomLen = 8192;
+    uint8_t randomBuf[8192] = {0};
     // define randomBlob and seedBlob
     struct HcfBlob randomBlob = {.data = (uint8_t *)randomBuf, .len = 0};
     // test generate random
@@ -108,6 +108,25 @@ HWTEST_F(CryptoFrameworkRandTest, CryptoFrameworkRandGenerateTest003, TestSize.L
     OH_HCF_ObjDestroy(randObj);
 }
 
+HWTEST_F(CryptoFrameworkRandTest, CryptoFrameworkRandGenerateTest004, TestSize.Level0)
+{
+    int32_t ret = 0;
+    // create a rand obj
+    HcfRand *randObj = nullptr;
+    ret = (int)HcfRandCreate(&randObj);
+    EXPECT_EQ(ret, 0);
+    // preset params
+    int32_t randomLen = 8193;
+    uint8_t randomBuf[8193] = {0};
+    // define randomBlob and seedBlob
+    struct HcfBlob randomBlob = {.data = (uint8_t *)randomBuf, .len = 0};
+    // test generate random
+    ret = randObj->generateRandom(randObj, randomLen, &randomBlob);
+    EXPECT_NE(ret, 0);
+    // destroy the API obj and blob data
+    OH_HCF_ObjDestroy(randObj);
+}
+
 HWTEST_F(CryptoFrameworkRandTest, CryptoFrameworkSetSeedTest001, TestSize.Level0)
 {
     int32_t ret = 0;
-- 
Gitee