feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #7347 from JacobBarthelmeh/coverity2

Browse Source 
Coverity Fixes QUIC
This commit is contained in:
David Garske
2024-03-18 09:04:09 -07:00
committed by GitHub
parent ffb43d0150 dd6db025e3
commit 50b1044c2f
2 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/quic.c
View File

@ -83,6 +83,11 @@ static QuicRecord *quic_record_make(WOLFSSL *ssl,
}
else {
qr->capacity = qr->len = qr_length(data, len);
if (qr->capacity > WOLFSSL_QUIC_MAX_RECORD_CAPACITY) {
WOLFSSL_MSG("QUIC length read larger than expected");
quic_record_free(ssl, qr);
return NULL;
}
}
if (qr->capacity == 0) {
qr->capacity = 2*1024;
@ -129,6 +134,14 @@ static int quic_record_append(WOLFSSL *ssl, QuicRecord *qr, const uint8_t *data,
consumed = missing;
qr->len = qr_length(qr->data, qr->end);
/* sanity check on length read from wire before use */
if (qr->len > WOLFSSL_QUIC_MAX_RECORD_CAPACITY) {
WOLFSSL_MSG("Length read for quic is larger than expected");
ret = BUFFER_E;
goto cleanup;
}
if (qr->len > qr->capacity) {
uint8_t *ndata = (uint8_t*)XREALLOC(qr->data, qr->len, ssl->heap,
DYNAMIC_TYPE_TMP_BUFFER);

9
wolfssl/quic.h
View File

@ -290,6 +290,15 @@ int wolfSSL_quic_hkdf(uint8_t* dest, size_t destlen,
const uint8_t* salt, size_t saltlen,
const uint8_t* info, size_t infolen);
/* most common QUIC packet size as of 2022 was 1,200 bytes
* largest packet size listed in the RFC is 1,392 bytes
* this gives plenty of breathing room for capacity of records but keeps sizes
* read from the wire sane */
#ifndef WOLFSSL_QUIC_MAX_RECORD_CAPACITY
/* 1024*1024 -- 1 MB */
#define WOLFSSL_QUIC_MAX_RECORD_CAPACITY (1048576)
#endif
#endif /* WOLFSSL_QUIC */
#ifdef __cplusplus