From 1dd213db76eb7a52c04de917058e3215c18c5e64 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Mon, 24 Jan 2022 12:30:48 +1000 Subject: [PATCH] ParseCert: check index in DecodeSubtree before accessing tag --- wolfcrypt/src/asn.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index b94f4f0e2..9d8ce8839 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -15968,6 +15968,12 @@ static int DecodeSubtree(const byte* input, int sz, Base_entry** head, WOLFSSL_MSG("\tfail: should be a SEQUENCE"); return ASN_PARSE_E; } + + if (idx >= (word32)sz) { + WOLFSSL_MSG("\tfail: expecting tag"); + return ASN_PARSE_E; + } + nameIdx = idx; b = input[nameIdx++];