From 2f24b35ab16119cae205944629396f055f2e8d98 Mon Sep 17 00:00:00 2001
From: gasbytes
Date: Wed, 15 May 2024 18:20:33 +0200
Subject: [PATCH] added check that checks if the SEQ's length is > than the buff's length
---
 src/ssl_load.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/ssl_load.c b/src/ssl_load.c
index 1562da6fe5..e6a1dc4889 100644
--- a/src/ssl_load.c
+++ b/src/ssl_load.c
@@ -160,6 +160,10 @@ static int DataToDerBuffer(const unsigned char* buff, word32 len, int format,
 else {
 ret = ASN_PARSE_E;
 }
+
+ if (info->consumed > (int)len) {
+ ret = ASN_PARSE_E;
+ }
 if (ret == 0) {
 ret = AllocCopyDer(der, buff, (word32)info->consumed, type, heap);
 }
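Review bot: The added bound check compares in the signed domain, `info->consumed > (int)len`, so a negative `info->consumed` (assuming it is a signed int, as the casts suggest) would pass it and then become a very large `word32` length in the `AllocCopyDer` call just below; a `len` above INT_MAX also changes value under the cast. Rejecting negatives and comparing unsigned closes both cases, and gating on `ret == 0` avoids testing a value that may not have been set on the error path: `if ((ret == 0) && ((info->consumed < 0) || ((word32)info->consumed > len))) {`. Whether `info->consumed` can actually go negative depends on how it is computed earlier in `DataToDerBuffer`, which starts and ends outside this hunk, so that part should be confirmed against the full function. A short comment such as `/* Declared SEQUENCE length must not exceed the input buffer. */` would record why the check has to sit before the copy.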