F 569 : Fix stack buffer overflow in encryption setup

[miyazakh]

Fix stack buffer overflow via unbounded scanf in encryption setup
Add test coverage

Depends on: #211 (Merged)
Depends on: #219

[Copilot]

Pull request overview

Fixes a stack buffer overflow in the encryption CLI setup by replacing unbounded scanf("%s", ...) reads with bounded fgets() reads, and adds regression tests to validate stdin-driven input/output filename paths.

Changes:

• Replace unbounded scanf with bounded fgets for -in / -out prompts in encryption setup.
• Add regression tests that supply input/output filenames via stdin (including a non-EVP path probe).
• Expand an OCSP interop test’s expected error-message matching.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 6 comments.

File	Description
tests/ocsp/ocsp-interop-test.sh	Broadens grep pattern to recognize more “missing file” error variants.
tests/encrypt/enc-test.sh	Adds stdin-based regression tests covering the new fgets() input handling.
src/x509/clu_x509_sign.c	Minor formatting cleanup + extends hash-type switch cases under a version gate.
src/crypto/clu_crypto_setup.c	Replaces unsafe scanf("%s") reads with fgets() and newline trimming.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 8 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 5 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Stripping only \"\\n\" leaves a trailing \"\\r\" on CRLF inputs (common on Windows), which can make filenames fail to open. Use a delimiter set like \"\\r\\n\" here (and similarly for outNameEnc/outNameDec).

Suggested change

	inName[strcspn(inName, "\n")] = '\0';
	inName[strcspn(inName, "\r\n")] = '\0';

[Copilot]

Empty input is silently ignored and the loop re-prompts without any feedback. Consider logging a short message (or re-printing the prompt with a clear hint) so interactive users understand why it’s asking again. Same applies to the empty-string checks for outNameEnc/outNameDec.

Suggested change

	if (inName[0] == '\0') {
	if (inName[0] == '\0') {
	wolfCLU_LogError("empty input is not allowed, please try again");

[Copilot]

These tests assume the output files don’t already exist. If ./wolfssl enc prompts/refuses on overwrite (or if a previous run left artifacts), the test can hang or behave inconsistently. Consider rm -f of the target outputs before invoking ./wolfssl enc for each case to make runs idempotent.

Suggested change

	# Test: -in not provided, filename supplied via stdin to exercise the inName Path
	# Test: -in not provided, filename supplied via stdin to exercise the inName Path
	rm -f test-stdin-in.enc test-stdin-in.dec

[Copilot]

These tests assume the output files don’t already exist. If ./wolfssl enc prompts/refuses on overwrite (or if a previous run left artifacts), the test can hang or behave inconsistently. Consider rm -f of the target outputs before invoking ./wolfssl enc for each case to make runs idempotent.

[Copilot]

These tests assume the output files don’t already exist. If ./wolfssl enc prompts/refuses on overwrite (or if a previous run left artifacts), the test can hang or behave inconsistently. Consider rm -f of the target outputs before invoking ./wolfssl enc for each case to make runs idempotent.