Added more bounds checking when saving a DTLS message fragment.

John Safranek
2014-08-14 15:14:29 -07:00
parent 9d4fb79009
commit 7e6b3a86d5


@@ -2267,7 +2267,9 @@ void DtlsMsgListDelete(DtlsMsg* head, void* heap)
void DtlsMsgSet(DtlsMsg* msg, word32 seq, const byte* data, byte type,
word32 fragOffset, word32 fragSz)
{
if (msg != NULL && data != NULL && msg->fragSz <= msg->sz) {
if (msg != NULL && data != NULL && msg->fragSz <= msg->sz &&
fragOffset < msg->sz && (fragOffset + fragSz) <= msg->sz) {
msg->seq = seq;
msg->type = type;
msg->fragSz += fragSz;
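Review bot: The added upper-bound test `(fragOffset + fragSz) <= msg->sz` is evaluated in word32, so the sum can wrap and a fragment with a very large offset or size could still satisfy it; because `fragOffset < msg->sz` is already checked just before, writing the second test as `fragSz <= msg->sz - fragOffset` gives the same bound without the wrap. Both values presumably come from the peer's handshake header, so this is worth making robust regardless of how the caller narrows them. Separately, `msg->fragSz += fragSz` still counts a retransmitted or overlapping fragment twice, and the guard on `msg->fragSz <= msg->sz` runs before the addition, so if the accumulated size is later used to decide the message is complete (not visible here) duplicates could satisfy it with gaps remaining. A short comment above the condition, e.g. `/* reject fragments that would write outside msg->buf[0..sz) */`, would also document why the fragment is silently dropped, since the function returns void. The body of DtlsMsgSet continues past the end of this hunk.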