Merge pull request #8715 from padelsbach/ssl-certman-codesonar

Speculative fix for CodeSonar overflow issue in ssl_certman.c
2025-05-06 14:49:57 -07:00
parent 1ee954a38c b4d94429d1
commit 213c43b0fc
1 changed files with 1 additions and 1 deletions
--- a/src/ssl_certman.c
+++ b/src/ssl_certman.c
@ -1525,7 +1525,7 @@ int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const void* mem, int sz)
    WOLFSSL_ENTER("CM_MemRestoreCertCache");

    /* Check memory available is bigger than cache header. */
-    if (current > end) {
+    if ((sz < (int)sizeof(CertCacheHeader)) || (current > end)) {
        WOLFSSL_MSG("Cert Cache Memory buffer too small");
        ret = BUFFER_E;
    }