x509: make sure pem buffer will be large enough to hold pem header

Found with Fil-C compiler
2026-01-26 21:32:26 +01:00 · 2025-10-23 13:27:44 +02:00
parent 4daab8a813
commit 36b64fb5ae
1 changed files with 1 additions and 1 deletions
--- a/src/x509.c
+++ b/src/x509.c
@@ -12368,7 +12368,7 @@ WOLFSSL_X509_CRL* wolfSSL_PEM_read_X509_CRL(XFILE fp,
            return WOLFSSL_FAILURE;
        }

-        if ((l = wolfSSL_BIO_get_len(bio)) <= 0) {
+        if ((l = wolfSSL_BIO_get_len(bio)) <= pem_struct_min_sz) {
            /* No certificate in buffer */
            WOLFSSL_ERROR(ASN_NO_PEM_HEADER);
            return WOLFSSL_FAILURE;