wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 20:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

sanity check on pkcs7 input size (#4386)

Browse Source
This commit is contained in:
JacobBarthelmeh
2021-09-13 05:34:23 +07:00
committed by GitHub
parent 42db91e454
commit 4bd87a0c41
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
wolfcrypt/src/pkcs7.c
View File

@@ -4276,6 +4276,11 @@ static int wc_PKCS7_ParseSignerInfo(PKCS7* pkcs7, byte* in, word32 inSz,
} }
} }
if (ret == 0) {
if (length > (int)inSz - (int)idx)
ret = BUFFER_E;
}
if (ret == 0) { if (ret == 0) {
ret = wc_PKCS7_SignerInfoSetSID(pkcs7, in + idx, length); ret = wc_PKCS7_SignerInfoSetSID(pkcs7, in + idx, length);
idx += length; idx += length;
@@ -5244,6 +5249,11 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
if (pkiMsg != in && pkcs7->stream->length > 0) { if (pkiMsg != in && pkcs7->stream->length > 0) {
pkiMsg2Sz = pkcs7->stream->length; pkiMsg2Sz = pkcs7->stream->length;
} }
else {
/* if pkiMsg2 is pkiMsg and not using an internal stream
* buffer then the size is limited by inSz */
pkiMsg2Sz = inSz;
}
} }
/* restore content */ /* restore content */