sanity check on input length before secure renegotiation compare

Jacob Barthelmeh
2020-04-07 10:10:03 -06:00
parent 9a1687d00e
commit 1ce0268477


@ -4788,6 +4788,11 @@ static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, byte* input,
}
}
else if (*input == TLS_FINISHED_SZ) {
if (length < TLS_FINISHED_SZ + 1) {
WOLFSSL_MSG("SCR malformed buffer");
ret = BUFFER_E;
}
else {
input++; /* get past size */
/* validate client verify data */
@ -4802,6 +4807,7 @@ static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, byte* input,
WOLFSSL_MSG("SCR client verify data Failure");
}
}
}
#endif
}
else {
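Review bot: The size byte is still dereferenced in `else if (*input == TLS_FINISHED_SZ)` before `length` is checked anywhere in this hunk, so the new guard protects only the verify-data compare that follows. TLSX_SecureRenegotiation_Parse starts and ends outside the hunk; if no earlier check there guarantees `length >= 1`, an empty extension body would still be read at that line, and the length test should be folded into the condition, e.g. `else if (length >= 1 && *input == TLS_FINISHED_SZ) {`. The guard also uses `<`, so a body with extra bytes after the verify data is accepted; since the request form of this extension appears to carry only the one-byte size plus the verify data, `if (length != TLS_FINISHED_SZ + 1) {` would reject over-long input as well. A short comment on the guard, such as `/* size byte + client verify data must fit in the extension body */`, would explain the `+ 1`.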