Fix finding 355

padelsbach · padelsbach · commit d721f7b8c6c2 · 2026-03-06T15:07:43.000-08:00
diff --git a/examples/wrap/wrap_test.c b/examples/wrap/wrap_test.c
@@ -989,7 +989,7 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
     /* PCR TESTS */
     /*------------------------------------------------------------------------*/
     /* Read PCR Index 0 */
-    hashSz = 0;
+    hashSz = sizeof(hashBuf);
     rc = wolfTPM2_ReadPCR(&dev, 0, TEST_WRAP_DIGEST, hashBuf, &hashSz);
     if (rc != 0) goto exit;
 
@@ -1001,6 +1001,7 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
     if (rc != 0 && !WOLFTPM_IS_COMMAND_UNAVAILABLE(rc)) goto exit;
 
     /* Read PCR Index 0 */
+    hashSz = sizeof(hashBuf);
     rc = wolfTPM2_ReadPCR(&dev, 0, TEST_WRAP_DIGEST, hashBuf, &hashSz);
     if (rc != 0) goto exit;
     printf("PCR Test pass\n");
diff --git a/src/tpm2_wrap.c b/src/tpm2_wrap.c
@@ -4804,8 +4804,22 @@ int wolfTPM2_ReadPCR(WOLFTPM2_DEV* dev, int pcrIndex, int hashAlg, byte* digest,
     }
 
     digestLen = (int)pcrReadOut.pcrValues.digests[0].size;
-    if (digest)
+    if (digest) {
+        if (pDigestLen == NULL) {
+        #ifdef DEBUG_WOLFTPM
+            printf("TPM2_PCR_Read: NULL pDigestLen with non-NULL digest\n");
+        #endif
+            return BAD_FUNC_ARG;
+        }
+        if (*pDigestLen < (int)pcrReadOut.pcrValues.digests[0].size) {
+        #ifdef DEBUG_WOLFTPM
+            printf("TPM2_PCR_Read: Digest buffer too small %d -> %d\n",
+                *pDigestLen, (int)pcrReadOut.pcrValues.digests[0].size);
+        #endif
+            return BUFFER_E;
+        }
         XMEMCPY(digest, pcrReadOut.pcrValues.digests[0].buffer, digestLen);
+    }
 
 #ifdef DEBUG_WOLFTPM
     printf("TPM2_PCR_Read: Index %d, Digest Sz %d, Update Counter %d\n",
