dtls13: Dtls13ParseUnifiedRecordLayer: add overflow check

2022-09-20 09:30:30 +02:00
parent 804081e7c2
commit 400d3c6963
1 changed files with 2 additions and 0 deletions
--- a/src/dtls13.c
+++ b/src/dtls13.c
@@ -1362,6 +1362,8 @@ int Dtls13ParseUnifiedRecordLayer(WOLFSSL* ssl, const byte* input,
       to create record number xor mask). (draft 43 - Sec 4.2.3) */
    if (hdrInfo->recordLength < DTLS13_RN_MASK_SIZE)
        return LENGTH_ERROR;
+    if (inputSize < idx + DTLS13_RN_MASK_SIZE)
+        return BUFFER_ERROR;

    ret = Dtls13EncryptDecryptRecordNumber(ssl, seqNum, seqLen, input + idx,
        DEPROTECT);