mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 16:50:48 +02:00
check idx before accessing certificate list
This commit is contained in:
+6
-2
@@ -8770,8 +8770,8 @@ static word32 NextCert(byte* data, word32 length, word32* idx)
|
||||
{
|
||||
word32 len;
|
||||
|
||||
/* Is index at end of list. */
|
||||
if (*idx == length)
|
||||
/* Would index read past end of list? */
|
||||
if (*idx + 3 > length)
|
||||
return 0;
|
||||
|
||||
/* Length of the current ASN.1 encoded certificate. */
|
||||
@@ -8779,6 +8779,10 @@ static word32 NextCert(byte* data, word32 length, word32* idx)
|
||||
/* Include the length field. */
|
||||
len += 3;
|
||||
|
||||
/* Ensure len does not overrun certificate list */
|
||||
if (*idx + len > length)
|
||||
return 0;
|
||||
|
||||
/* Move index to next certificate and return the current certificate's
|
||||
* length.
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user