From 5564be61134faf248f5c05739416a82365932332 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Fri, 28 Jul 2017 17:42:52 -0600
Subject: [PATCH] sanity check on index when adding cipher suites

---
 src/internal.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index a93aaf193..3f5060f5b 100755
--- a/src/internal.c
+++ b/src/internal.c
@@ -15783,6 +15783,11 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
                 }
             #endif /* WOLFSSL_DTLS */
 
+                if (idx + 1 >= WOLFSSL_MAX_SUITE_SZ) {
+                    WOLFSSL_MSG("WOLFSSL_MAX_SUITE_SZ set too low");
+                    return 0; /* suites buffer not large enough, error out */
+                }
+
                 suites->suites[idx++] = (XSTRSTR(name, "TLS13"))  ? TLS13_BYTE
                                       : (XSTRSTR(name, "CHACHA")) ? CHACHA_BYTE
                                       : (XSTRSTR(name, "QSH"))    ? QSH_BYTE