From e1435e96d22d973817626f7d8f5d7debe6bb426c Mon Sep 17 00:00:00 2001
From: John Bland
Date: Wed, 3 Jan 2024 17:21:08 -0500
Subject: [PATCH] do bounds check on full word32 size to match inputBuffer length

---
 src/internal.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 98dd6cda1..8189e3eaa 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -21162,16 +21162,19 @@ default:
 ssl->keys.decryptedCur = 1;
 #ifdef WOLFSSL_TLS13
 if (ssl->options.tls1_3) {
- /* end of plaintext */
- word16 i = (word16)(ssl->buffers.inputBuffer.idx +
- ssl->curSize - ssl->specs.aead_mac_size);
-
- /* check i isn't too big and won't wrap around on --i */
- if (i > ssl->buffers.inputBuffer.length || i == 0) {
+ /* check that the end of the logical length doesn't extend
+ * past the real buffer */
+ word32 boundsCheck = (ssl->buffers.inputBuffer.idx +
+ ssl->curSize - ssl->specs.aead_mac_size);
+ if (boundsCheck > ssl->buffers.inputBuffer.length ||
+ boundsCheck == 0) {
 WOLFSSL_ERROR(BUFFER_ERROR);
 return BUFFER_ERROR;
 }
 
+ /* end of plaintext */
+ word16 i = (word16)(boundsCheck);
+
 /* Remove padding from end of plain text. */
 for (--i; i > ssl->buffers.inputBuffer.idx; i--) {
 if (ssl->buffers.inputBuffer.buffer[i] != 0)
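Review bot: The added `word16 i = (word16)(boundsCheck);` still narrows the validated 32-bit offset, so the padding scan runs on a value the new check never examined. If `boundsCheck` can exceed 0xFFFF (the commit subject suggests the inputBuffer length is word32), the loop starts at a truncated index, and a truncated value of 0 would wrap on `--i` even though `boundsCheck == 0` was rejected. Keeping the index at full width, `word32 i = boundsCheck;`, would make the loop use exactly the value that was checked; whether later uses of `i` expect a word16 cannot be seen from this hunk and should be confirmed. The declaration of `i` also now follows a statement inside the block, which pre-C99 compilers reject, so it could be declared at the top of the block next to `boundsCheck`. The enclosing function starts and ends outside the hunk.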