From d8a54e1a32ec7e54cbb6aba3f134630b07f731ed Mon Sep 17 00:00:00 2001 From: Elms Date: Thu, 29 Jul 2021 12:56:58 -0700 Subject: [PATCH] tls13: avoid buffer overflow with size check For cases where a private key that is larger than the configured maximum is passed. --- src/tls13.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/tls13.c b/src/tls13.c index 524b751b4..faef6bd95 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -6073,6 +6073,10 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) case TLS_ASYNC_BUILD: { + int rem = ssl->buffers.outputBuffer.bufferSize + - ssl->buffers.outputBuffer.length + - RECORD_HEADER_SZ - HANDSHAKE_HEADER_SZ; + /* idx is used to track verify pointer offset to output */ args->idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; args->verify = @@ -6092,6 +6096,10 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) goto exit_scv; } + if (rem < 0 || args->length > rem) { + ERROR_OUT(BUFFER_E, exit_scv); + } + if (args->length == 0) { ERROR_OUT(NO_PRIVATE_KEY, exit_scv); }
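Review bot: `rem` in the first hunk is a signed `int` built by subtracting buffer fields, so if `bufferSize` and `length` are unsigned (they look like wolfSSL's `word32` counters; confirm against the struct definition), an underflow wraps to a large value and only turns negative through an implementation-defined conversion. The `rem < 0` test in the second hunk depends on that conversion, and the `args->length > rem` comparison beside it mixes signedness and is safe only because `rem < 0` short-circuits first. Doing the comparison in unsigned terms avoids both: `word32 used = ssl->buffers.outputBuffer.length + RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;` followed by `if (used > ssl->buffers.outputBuffer.bufferSize || args->length > ssl->buffers.outputBuffer.bufferSize - used) { ERROR_OUT(BUFFER_E, exit_scv); }`. SendTls13CertificateVerify starts and ends outside both hunks, so the declaration would sit where `int rem` is now, at the top of the `TLS_ASYNC_BUILD` block.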
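Review bot: The bound added in the second hunk compares `args->length` only with the space left after the record and handshake headers, while a TLS 1.3 CertificateVerify body carries a 2-byte signature scheme and a 2-byte length ahead of the signature bytes. If the signature is written after those fields at `args->verify` (the write itself is outside the hunk, so this needs confirming), a key length within four bytes of `rem` would still pass the check, and the fixed-size fields should be subtracted as well. A comment above the check such as `/* reject keys whose signature cannot fit in the space left in the output buffer */` would record why `BUFFER_E` is returned here. The patch touches only src/tls13.c, so a regression test that loads a private key larger than the configured maximum would keep the check from being dropped later.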