From 11189fe386a83e09c47d37032391885091dabdf3 Mon Sep 17 00:00:00 2001
From: Eric Blankenhorn <eric@wolfssl.com>
Date: Wed, 24 Mar 2021 09:33:03 -0500
Subject: [PATCH] Sanity check size in TLSX_Parse

---
 src/tls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tls.c b/src/tls.c
index 60fcc7a48..27bdf93c1 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -11043,7 +11043,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
         ato16(input + offset, &size);
         offset += OPAQUE16_LEN;
 
-        if (offset + size > length)
+        if (length - offset < size)
             return BUFFER_ERROR;
 
         switch (type) {