Also check returned size matches for RSA verfiy in openssl compatability layer.

src/ssl.c

@@ -24116,7 +24116,8 @@ int wolfSSL_RSA_verify(int type, const unsigned char* m,
     }
     show("Encoded Message", sigRet, len);
     /* decrypt signature */
-    ret = wc_RsaSSL_Verify(sig, sigLen, (unsigned char *)sigDec, sigLen, (RsaKey*)rsa->internal);
+    ret = wc_RsaSSL_Verify(sig, sigLen, (unsigned char *)sigDec, sigLen,
+        (RsaKey*)rsa->internal);
     if (ret <= 0) {
         WOLFSSL_MSG("RSA Decrypt error");
         XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -24125,12 +24126,13 @@ int wolfSSL_RSA_verify(int type, const unsigned char* m,
     }
     show("Decrypted Signature", sigDec, ret);
 
-    if(XMEMCMP(sigRet, sigDec, ret) == 0){
+    if ((int)len == ret && XMEMCMP(sigRet, sigDec, ret) == 0) {
         WOLFSSL_MSG("wolfSSL_RSA_verify success");
         XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER);
         XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER);
         return WOLFSSL_SUCCESS;
-    } else {
+    }
+    else {
         WOLFSSL_MSG("wolfSSL_RSA_verify failed");
         XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER);
         XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER);