fix for PKCS7 KEKRI array bounds check warning on gcc 8.2.0

2018-12-03 11:15:33 -08:00
parent 28dc1cbb67
commit 9bda19fd25
1 changed files with 4 additions and 0 deletions
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@ -6683,6 +6683,10 @@ int wc_PKCS7_AddRecipient_KEKRI(PKCS7* pkcs7, int keyWrapOID, byte* kek,
        return encryptedKeySz;
    }

+    if (encryptedKeySz > MAX_ENCRYPTED_KEY_SZ) {
+        return WC_KEY_SIZE_E;
+    }
+
    encKeyOctetStrSz = SetOctetString(encryptedKeySz, encKeyOctetStr);
    totalSz += (encKeyOctetStrSz + encryptedKeySz);