CID 337232 sanity check on tainted scalar

JacobBarthelmeh
2024-03-18 15:03:04 +07:00
parent be233fc805
commit 635d326812


@@ -129,6 +129,13 @@ static int quic_record_append(WOLFSSL *ssl, QuicRecord *qr, const uint8_t *data,
consumed = missing;
qr->len = qr_length(qr->data, qr->end);
/* sanity check on length read from wire before use */
if (qr->len > (len + qr->capacity)) {
ret = BUFFER_E;
goto cleanup;
}
if (qr->len > qr->capacity) {
uint8_t *ndata = (uint8_t*)XREALLOC(qr->data, qr->len, ssl->heap,
DYNAMIC_TYPE_TMP_BUFFER);
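Review bot: The new bound in `if (qr->len > (len + qr->capacity))` is relative to the size of this call's input rather than to a fixed maximum, so a wire-supplied `qr->len` of any size is still accepted when the caller passes a large enough `len`, and the `XREALLOC` that follows grows the buffer to that size. It also looks as if a record whose payload arrives over several small appends would be rejected here as soon as its header is complete; confirm against the callers, which are outside the hunk. The sum `len + qr->capacity` may wrap depending on the operand types, which are not visible here. Comparing against an absolute cap avoids both problems, e.g. `if (qr->len > QUIC_RECORD_MAX_PLACEHOLDER) {`, where the constant name is a placeholder for whatever record limit the project defines. `quic_record_append` begins before this hunk and continues after it.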