CID 299893 out of bounds read with XMEMCMP

JacobBarthelmeh
2024-03-18 16:42:15 +07:00
parent be233fc805
commit d6b4b27cd1


@ -10382,7 +10382,8 @@ int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (sniff == NO_SNIFF) {
/* Actually check verify data. */
if (XMEMCMP(input + *inOutIdx, mac, size) != 0){
if (size > WC_MAX_DIGEST_SIZE ||
XMEMCMP(input + *inOutIdx, mac, size) != 0){
WOLFSSL_MSG("Verify finished error on hashes");
SendAlert(ssl, alert_fatal, decrypt_error);
WOLFSSL_ERROR_VERBOSE(VERIFY_FINISHED_ERROR);
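Review bot: The added `size > WC_MAX_DIGEST_SIZE` guard bounds the read of `mac` by the array's capacity, not by the number of bytes the Finished MAC computation actually produced. Unless an earlier check outside this hunk ties `size` to that computed length, a `size` shorter than the digest (down to 0, where `XMEMCMP` returns 0 and the verify passes) or longer than it but still within the array would reach the comparison. If no such check exists, the condition should reject any `size` that differs from the computed MAC length, not only oversized ones. The check is also a MAC verification done with `XMEMCMP`, which may stop at the first differing byte; a constant-time compare such as wolfSSL's `ConstantCompare(input + *inOutIdx, mac, (int)size) != 0` would be the safer form. The declaration of `mac` and the rest of DoTls13Finished lie outside the hunk, so both points need confirming against the full function.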