Merge pull request #9914 from julek-wolfssl/fenrir/30

Make sure size check doesn't underflow
This commit is contained in:
Daniel Pouzzner
2026-03-06 22:30:51 -06:00
committed by GitHub
+3 -1
View File
@@ -22880,8 +22880,10 @@ default:
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version)) {
tooLong = ssl->curSize > MAX_TLS13_ENC_SZ;
tooLong |= ssl->curSize - ssl->specs.aead_mac_size >
if (ssl->specs.aead_mac_size < ssl->curSize) {
tooLong |= ssl->curSize - ssl->specs.aead_mac_size >
MAX_TLS13_PLAIN_SZ;
}
}
#endif
#ifdef WOLFSSL_EXTRA_ALERTS