feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #6924 from JacobBarthelmeh/srtp

Browse Source 
sanity check on length before ato16 with SRTP
This commit is contained in:
David Garske
2023-10-28 16:13:06 -07:00
committed by GitHub
parent cc45b31470 07c8c5c8ca
commit 2c91ecb466
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/tls.c
View File

@ -5820,6 +5820,12 @@ static int TLSX_UseSRTP_Parse(WOLFSSL* ssl, const byte* input, word16 length,
/* parse remainder one profile at a time, looking for match in CTX */ /* parse remainder one profile at a time, looking for match in CTX */
ret = 0; ret = 0;
for (i=offset; i<length; i+=OPAQUE16_LEN) { for (i=offset; i<length; i+=OPAQUE16_LEN) {
if (length < (i + OPAQUE16_LEN)) {
WOLFSSL_MSG("Unexpected length when parsing SRTP profile");
ret = BUFFER_ERROR;
break;
}
ato16(input+i, &profile_value); ato16(input+i, &profile_value);
/* find first match */ /* find first match */
if (profile_value < 16 && if (profile_value < 16 &&