Implicit Type Conversion Warnings to Prevent Potential Data Truncation in WolfHSM #173
Description
Description
Multiple compiler warnings have been detected across the WolfHSM module regarding potential data truncation during implicit type conversions. These warnings indicate that larger data types are being assigned to smaller data types without explicit casting, which could result in data loss if the values exceed the target type's range.
Affected Files
wolfssl/wolfcrypt/src/asn.c
wolfssl/wolfcrypt/src/dilithium.c
wolfssl/wolfcrypt/src/fe_low_mem.c
wolfHSM/src/wh_crypto.c
wolfHSM/src/wh_nvm_flash.c
Risk Assessment
These truncation warnings are particularly concerning in cryptographic code where:
Data integrity is critical for security
Unexpected truncation could lead to incorrect calculations
Potential side-channel vulnerabilities could be introduced
Inconsistent behavior across different platforms/compilers
One example:
state->epoch = buffer.epoch; Here state->epoch is uint32 while buffer.epoch is uint64_t
typedef struct {
whFlashUnit epoch; /* Not Erased: counter /
whFlashUnit start; / Not Erased: unit offset to start of data /
whFlashUnit count; / Not Erased: unit count of data written */
} nfState;
typedef uint64_t whFlashUnit;
typedef struct {
nfStatus status;
uint32_t epoch;
uint32_t start;
uint32_t count;
} nfMemState;
Warning List :
["../wolfssl/wolfcrypt/src/asn.c" 18566/29] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/dilithium.c" 8352/72] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/dilithium.c" 8464/74] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 170/33] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 171/33] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 172/32] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 173/32] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 299/14] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 389/14] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 399/14] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 414/14] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 424/14] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 446/14] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 454/14] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 477/14] possible truncation at implicit conversion to type "unsigned char"
["../wolfssl/wolfcrypt/src/fe_low_mem.c" 486/14] possible truncation at implicit conversion to type "unsigned char"
["../wolfHSM/src/wh_crypto.c" 73/23] possible truncation at implicit conversion to type "unsigned short int"
["../wolfHSM/src/wh_crypto.c" 230/18] possible truncation at implicit conversion to type "unsigned short int"
["../wolfHSM/src/wh_crypto.c" 293/19] possible truncation at implicit conversion to type "unsigned short int"
["../wolfHSM/src/wh_nvm_flash.c" 205/18] possible truncation at implicit conversion to type "unsigned int"
["../wolfHSM/src/wh_nvm_flash.c" 206/18] possible truncation at implicit conversion to type "unsigned int"
["../wolfHSM/src/wh_nvm_flash.c" 207/18] possible truncation at implicit conversion to type "unsigned int"
["../wolfHSM/src/wh_nvm_flash.c" 997/39] possible truncation at implicit conversion to type "unsigned short int"
["../wolfHSM/src/wh_nvm_flash.c" 1023/30] possible truncation at implicit conversion to type "unsigned short int"