Merge pull request #7880 from ColtonWilley/tls13_send_cert_use_signed…

…_len Use signed variable for length calculation in SendTls13Certificate
wolfSSL · Aug 29, 2024 · fab5c9f · fab5c9f
2 parents ef4ea53 + a57d234
commit fab5c9f
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/src/tls13.c b/src/tls13.c
@@ -8462,12 +8462,13 @@ static int SendTls13Certificate(WOLFSSL* ssl)
  int ret = 0;
  word32 certSz, certChainSz, headerSz, listSz, payloadSz;
  word16 extSz = 0;
- word32 length, maxFragment;
+ word32 maxFragment;
  word32 len = 0;
  word32 idx = 0;
  word32 offset = OPAQUE16_LEN;
  byte* p = NULL;
  byte certReqCtxLen = 0;
+ sword32 length;
 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH
  byte* certReqCtx = NULL;
 #endif
@@ -8513,7 +8514,7 @@ static int SendTls13Certificate(WOLFSSL* ssl)
  listSz = 0;
  }
  else {
- if (!ssl->buffers.certificate) {
+ if (!ssl->buffers.certificate || !ssl->buffers.certificate->buffer) {
  WOLFSSL_MSG("Send Cert missing certificate buffer");
  return NO_CERT_ERROR;
  }
@@ -8604,7 +8605,7 @@ static int SendTls13Certificate(WOLFSSL* ssl)
 #endif /* WOLFSSL_DTLS13 */
  }
  else {
- fragSz = min(length, maxFragment);
+ fragSz = min((word32)length, maxFragment);
  sendSz += fragSz;
  }