feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

CID 299893 out of bounds read with XMEMCMP

Browse Source
This commit is contained in:
JacobBarthelmeh
2024-03-18 16:42:15 +07:00
parent be233fc805
commit d6b4b27cd1
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/tls13.c
View File

@ -10382,7 +10382,8 @@ int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (sniff == NO_SNIFF) { if (sniff == NO_SNIFF) {
/* Actually check verify data. */ /* Actually check verify data. */
if (XMEMCMP(input + *inOutIdx, mac, size) != 0){ if (size > WC_MAX_DIGEST_SIZE ||
XMEMCMP(input + *inOutIdx, mac, size) != 0){
WOLFSSL_MSG("Verify finished error on hashes"); WOLFSSL_MSG("Verify finished error on hashes");
SendAlert(ssl, alert_fatal, decrypt_error); SendAlert(ssl, alert_fatal, decrypt_error);
WOLFSSL_ERROR_VERBOSE(VERIFY_FINISHED_ERROR); WOLFSSL_ERROR_VERBOSE(VERIFY_FINISHED_ERROR);