TLS 1.3 duplicate KeyShare entry fix

Fix comparison to be greater than or equal in case count is incremented
after maxing out.
This commit is contained in:
Sean Parkinson
2025-11-13 08:23:19 +10:00
parent e78752f3b2
commit 1ec18949bc
+1 -1
View File
@@ -9830,7 +9830,7 @@ static int TLSX_KeyShareEntry_Parse(const WOLFSSL* ssl, const byte* input,
return BUFFER_ERROR;
if (seenGroups != NULL) {
if (*seenGroupsCnt == MAX_KEYSHARE_NAMED_GROUPS) {
if (*seenGroupsCnt >= MAX_KEYSHARE_NAMED_GROUPS) {
return BAD_KEY_SHARE_DATA;
}
for (i = 0; i < *seenGroupsCnt; i++) {