Add missing length checks and fix length calculation for PSK in SendClientKeyExchange.

Thanks to Zou Dikai for the reports.
This commit is contained in:
Kareem
2026-04-21 15:22:30 -07:00
parent ec9b2c0e8b
commit 3a1766dbf2
+10 -4
View File
@@ -33900,7 +33900,8 @@ int SendClientKeyExchange(WOLFSSL* ssl)
/* Ensure the buffer is null-terminated. */
ssl->arrays->client_identity[MAX_PSK_ID_LEN] = '\0';
args->encSz = (word32)XSTRLEN(ssl->arrays->client_identity);
if (args->encSz > MAX_PSK_ID_LEN) {
if (args->encSz > MAX_PSK_ID_LEN ||
args->encSz > MAX_ENCRYPT_SZ) {
ERROR_OUT(CLIENT_ID_ERROR, exit_scke);
}
XMEMCPY(args->encSecret, ssl->arrays->client_identity,
@@ -33931,6 +33932,9 @@ int SendClientKeyExchange(WOLFSSL* ssl)
if (esSz > MAX_PSK_ID_LEN) {
ERROR_OUT(CLIENT_ID_ERROR, exit_scke);
}
if (esSz > MAX_ENCRYPT_SZ - OPAQUE16_LEN) {
ERROR_OUT(CLIENT_ID_ERROR, exit_scke);
}
/* CLIENT: Pre-shared Key for peer authentication. */
ssl->options.peerAuthGood = 1;
@@ -33982,6 +33986,9 @@ int SendClientKeyExchange(WOLFSSL* ssl)
if (esSz > MAX_PSK_ID_LEN) {
ERROR_OUT(CLIENT_ID_ERROR, exit_scke);
}
if (esSz > MAX_ENCRYPT_SZ - OPAQUE16_LEN) {
ERROR_OUT(CLIENT_ID_ERROR, exit_scke);
}
/* CLIENT: Pre-shared Key for peer authentication. */
ssl->options.peerAuthGood = 1;
@@ -33990,10 +33997,9 @@ int SendClientKeyExchange(WOLFSSL* ssl)
args->output += OPAQUE16_LEN;
XMEMCPY(args->output, ssl->arrays->client_identity, esSz);
args->output += esSz;
args->encSz = esSz + OPAQUE16_LEN;
/* length is used for public key size */
args->length = MAX_ENCRYPT_SZ;
args->length = args->encSz - esSz - OPAQUE16_LEN;
args->encSz = esSz + OPAQUE16_LEN;
/* Create shared ECC key leaving room at the beginning
* of buffer for size of shared key. */