device/fido: check CBOR types before access.

(Accessors like |GetUnsigned| will crash if the type of the value is anything unexpected.) Change-Id: Ic7c5e0971b00e2c566d32b18efc620780ee7c96d Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1636649 Commit-Queue: Adam Langley <agl@chromium.org> Reviewed-by: Kim Paulhamus <kpaulhamus@chromium.org> Cr-Commit-Position: refs/heads/master@{#666293}

device/fido: check CBOR types before access.
(Accessors like |GetUnsigned| will crash if the type of the value is anything unexpected.) Change-Id: Ic7c5e0971b00e2c566d32b18efc620780ee7c96d Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1636649 Commit-Queue: Adam Langley <agl@chromium.org> Reviewed-by: Kim Paulhamus <kpaulhamus@chromium.org> Cr-Commit-Position: refs/heads/master@{#666293}
6bc69af1 · Adam Langley · Commit Bot · 9184177e · 6bc69af1 · 6bc69af1
Commit 6bc69af1 authored Jun 05, 2019 by Adam Langley Committed by Commit Bot Jun 05, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 46 additions and 26 deletions

device/fido/bio/enrollment.cc device/fido/bio/enrollment.cc +9 -0

device/fido/virtual_ctap2_device.cc device/fido/virtual_ctap2_device.cc +37 -26

No files found.
--- a/device/fido/bio/enrollment.cc
+++ b/device/fido/bio/enrollment.cc
@@ -47,6 +47,9 @@ base::Optional<BioEnrollmentResponse> BioEnrollmentResponse::Parse(
  auto it = response_map.find(
      cbor::Value(static_cast<int>(BioEnrollmentResponseKey::kModality)));
  if (it != response_map.end()) {
+    if (!it->second.is_unsigned()) {
+      return base::nullopt;
+    }
    response.modality =
        static_cast<BioEnrollmentModality>(it->second.GetUnsigned());
  }
@@ -55,6 +58,9 @@ base::Optional<BioEnrollmentResponse> BioEnrollmentResponse::Parse(
  it = response_map.find(cbor::Value(
      static_cast<int>(BioEnrollmentResponseKey::kFingerprintKind)));
  if (it != response_map.end()) {
+    if (!it->second.is_unsigned()) {
+      return base::nullopt;
+    }
    response.fingerprint_kind =
        static_cast<BioEnrollmentFingerprintKind>(it->second.GetUnsigned());
  }
@@ -63,6 +69,9 @@ base::Optional<BioEnrollmentResponse> BioEnrollmentResponse::Parse(
  it = response_map.find(cbor::Value(static_cast<int>(
      BioEnrollmentResponseKey::kMaxCaptureSamplesRequiredForEnroll)));
  if (it != response_map.end()) {
+    if (!it->second.is_unsigned()) {
+      return base::nullopt;
+    }
    response.max_samples_for_enroll = it->second.GetUnsigned();
  }


--- a/device/fido/virtual_ctap2_device.cc
+++ b/device/fido/virtual_ctap2_device.cc
@@ -1334,7 +1334,14 @@ CtapDeviceResponseCode VirtualCtap2Device::OnBioEnrollment(
  // Check for the get-modality command.
  auto it = request_map.find(
      cbor::Value(static_cast<int>(BioEnrollmentRequestKey::kGetModality)));
-  if (it != request_map.end() && it->second.GetBool()) {
+  if (it != request_map.end()) {
+    if (!it->second.is_bool()) {
+      return CtapDeviceResponseCode::kCtap2ErrCBORUnexpectedType;
+    }
+    if (!it->second.GetBool()) {
+      // This value is optional so sending |false| is prohibited by the spec.
+      return CtapDeviceResponseCode::kCtap2ErrInvalidOption;
+    }
    response_map.emplace(static_cast<int>(BioEnrollmentResponseKey::kModality),
                         static_cast<int>(BioEnrollmentModality::kFingerprint));
    *response =
@@ -1345,35 +1352,39 @@ CtapDeviceResponseCode VirtualCtap2Device::OnBioEnrollment(
  // Check for the get-sensor-info command.
  it = request_map.find(
      cbor::Value(static_cast<int>(BioEnrollmentRequestKey::kSubCommand)));
-  if (it != request_map.end() &&
-      it->second.GetUnsigned() ==
-          static_cast<int>(
-              BioEnrollmentSubCommand::kGetFingerprintSensorInfo)) {
-    response_map.emplace(static_cast<int>(BioEnrollmentResponseKey::kModality),
-                         static_cast<int>(BioEnrollmentModality::kFingerprint));
-
-    response_map.emplace(
-        static_cast<int>(BioEnrollmentResponseKey::kFingerprintKind),
-        static_cast<int>(BioEnrollmentFingerprintKind::kTouch));
-    response_map.emplace(
-        static_cast<int>(
-            BioEnrollmentResponseKey::kMaxCaptureSamplesRequiredForEnroll),
-        7);
-
-    *response =
-        cbor::Writer::Write(cbor::Value(std::move(response_map))).value();
-    return CtapDeviceResponseCode::kSuccess;
+  if (it == request_map.end()) {
+    // Could not find a valid command, so return an error.
+    NOTREACHED();
+    return CtapDeviceResponseCode::kCtap2ErrInvalidOption;
  }

-  // Handle all other commands as if they were unsupported (will change when
-  // support is added).
-  if (it != request_map.end()) {
-    return CtapDeviceResponseCode::kCtap2ErrUnsupportedOption;
+  if (!it->second.is_unsigned()) {
+    return CtapDeviceResponseCode::kCtap2ErrCBORUnexpectedType;
  }

-  // Could not find a valid command, so return an error.
-  NOTREACHED();
-  return CtapDeviceResponseCode::kCtap2ErrInvalidOption;
+  switch (static_cast<BioEnrollmentSubCommand>(it->second.GetUnsigned())) {
+    case BioEnrollmentSubCommand::kGetFingerprintSensorInfo:
+      response_map.emplace(
+          static_cast<int>(BioEnrollmentResponseKey::kModality),
+          static_cast<int>(BioEnrollmentModality::kFingerprint));
+
+      response_map.emplace(
+          static_cast<int>(BioEnrollmentResponseKey::kFingerprintKind),
+          static_cast<int>(BioEnrollmentFingerprintKind::kTouch));
+      response_map.emplace(
+          static_cast<int>(
+              BioEnrollmentResponseKey::kMaxCaptureSamplesRequiredForEnroll),
+          7);
+
+      *response =
+          cbor::Writer::Write(cbor::Value(std::move(response_map))).value();
+      return CtapDeviceResponseCode::kSuccess;
+
+    default:
+      // Handle all other commands as if they were unsupported (will change
+      // when support is added).
+      return CtapDeviceResponseCode::kCtap2ErrUnsupportedOption;
+  }
 }

 void VirtualCtap2Device::InitPendingRPs() {