feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Properly limit array access in OCSP response decoder

Browse Source
This commit is contained in:
Guido Vranken
2019-11-14 03:19:07 +01:00
parent 99292158e4
commit a3fca34471
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
wolfcrypt/src/asn.c
View File

@ -14799,7 +14799,7 @@ static int GetEnumerated(const byte* input, word32* inOutIdx, int *value,
return BUFFER_E;
len = input[idx++];
if (len > 4 || (int)len > sz)
if (len > 4 || (int)(len + idx) > sz)
return ASN_PARSE_E;
while (len--) {
@ -14859,6 +14859,9 @@ static int DecodeSingleResponse(byte* source,
if (GetSerialNumber(source, &idx, cs->serial, &cs->serialSz, size) < 0)
return ASN_PARSE_E;
if ( idx >= size )
return BUFFER_E;
/* CertStatus */
switch (source[idx++])
{