Merge pull request #7536 from gasbytes/buffer_overflows_fix

added check that checks if the SEQ's length is > than the buff's length
wolfSSL · May 15, 2024 · fd4db14 · fd4db14
2 parents ac7aea9 + 2f24b35
commit fd4db14
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/src/ssl_load.c b/src/ssl_load.c
@@ -160,6 +160,10 @@ static int DataToDerBuffer(const unsigned char* buff, word32 len, int format,
  else {
  ret = ASN_PARSE_E;
  }
+
+ if (info->consumed > (int)len) {
+ ret = ASN_PARSE_E;
+ }
  if (ret == 0) {
  ret = AllocCopyDer(der, buff, (word32)info->consumed, type, heap);
  }