mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 15:10:48 +02:00
Ensure the length computed by CheckHeaders in the SSL sniffer does not exceed the actual size of the packets.
Thanks to Haruto Kimura (Stella) for the report.
This commit is contained in:
@@ -5520,6 +5520,12 @@ static int CheckHeaders(IpInfo* ipInfo, TcpInfo* tcpInfo, const byte* packet,
|
||||
* data after the IP record for the FCS for Ethernet. */
|
||||
*sslBytes = (int)(packet + ipInfo->total - *sslFrame);
|
||||
|
||||
/* Ensure sslBytes does not exceed the actual size. */
|
||||
if (*sslBytes > (int)(length - (*sslFrame - packet))) {
|
||||
SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
|
||||
(void)checkReg;
|
||||
|
||||
return 0;
|
||||
|
||||
Reference in New Issue
Block a user