wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 12:44:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

address fortify critical issues

Browse Source
This commit is contained in:
Chris Conlon
2016-12-19 11:53:14 -07:00
parent 483e461c49
commit 060ff5e5ef
2 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/internal.c
View File

@@ -10527,6 +10527,8 @@ int SendCertificate(WOLFSSL* ssl)
sendSz = BuildMessage(ssl, output, sendSz, input, inputSz, sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
handshake, 1, 0); handshake, 1, 0);
if (inputSz > 0)
XFREE(input, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(input, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (sendSz < 0) if (sendSz < 0)

8
wolfcrypt/src/asn.c
View File

@@ -1907,6 +1907,14 @@ int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
return ASN_PARSE_E; return ASN_PARSE_E;
} }
if (length > MAX_IV_SIZE) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ASN_PARSE_E;
}
XMEMCPY(cbcIv, &input[inOutIdx], length); XMEMCPY(cbcIv, &input[inOutIdx], length);
inOutIdx += length; inOutIdx += length;
} }