Merge pull request #2109 from dgarske/pkcs7_buf

Fix for proper detection of PKCS7 buffer overflow case
2019-02-25 13:02:09 -08:00
parent b037334732 ee3eb8fb4c
commit 72a50b8d46
1 changed files with 4 additions and 0 deletions
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@ -2068,6 +2068,10 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
            totalSz -= pkcs7->contentSz;
        }
    }
+    else {
+        /* if using single output buffer include content and footer */
+        totalSz += total2Sz;
+    }

    if (totalSz > *outputSz) {
        if (pkcs7->signedAttribsSz != 0)