forked from wolfSSL/wolfssl
Merge pull request #4912 from julek-wolfssl/ZD13742
Check `input` size in `DecodeNsCertType`
This commit is contained in:
@ -15876,13 +15876,16 @@ static int DecodeNsCertType(const byte* input, int sz, DecodedCert* cert)
|
|||||||
int len = 0;
|
int len = 0;
|
||||||
|
|
||||||
WOLFSSL_ENTER("DecodeNsCertType");
|
WOLFSSL_ENTER("DecodeNsCertType");
|
||||||
if (CheckBitString(input, &idx, &len, (word32)sz, 0, NULL) < 0) {
|
|
||||||
|
if (CheckBitString(input, &idx, &len, (word32)sz, 0, NULL) < 0)
|
||||||
return ASN_PARSE_E;
|
return ASN_PARSE_E;
|
||||||
}
|
|
||||||
|
|
||||||
/* Don't need to worry about unused bits as CheckBitString makes sure
|
/* Don't need to worry about unused bits as CheckBitString makes sure
|
||||||
* they're zero. */
|
* they're zero. */
|
||||||
cert->nsCertType = input[idx];
|
if (idx < (word32)sz)
|
||||||
|
cert->nsCertType = input[idx];
|
||||||
|
else
|
||||||
|
return ASN_PARSE_E;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user