forked from wolfSSL/wolfssl
CID 299893 out of bounds read with XMEMCMP
This commit is contained in:
@ -10382,7 +10382,8 @@ int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
|
||||
if (sniff == NO_SNIFF) {
|
||||
/* Actually check verify data. */
|
||||
if (XMEMCMP(input + *inOutIdx, mac, size) != 0){
|
||||
if (size > WC_MAX_DIGEST_SIZE ||
|
||||
XMEMCMP(input + *inOutIdx, mac, size) != 0){
|
||||
WOLFSSL_MSG("Verify finished error on hashes");
|
||||
SendAlert(ssl, alert_fatal, decrypt_error);
|
||||
WOLFSSL_ERROR_VERBOSE(VERIFY_FINISHED_ERROR);
|
||||
|
Reference in New Issue
Block a user