F-6302 - Bound ServerHello session ID copy by remaining sniffer input

This commit is contained in:
aidan garske
2026-06-25 14:26:42 -07:00
parent 7ca965ab9f
commit 5572db7f3b
+4
View File
@@ -3739,6 +3739,10 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
return WOLFSSL_FATAL_ERROR;
}
if (b) {
if (ID_LEN > *sslBytes) {
SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return WOLFSSL_FATAL_ERROR;
}
#ifdef WOLFSSL_TLS13
XMEMCPY(session->sslServer->session->sessionID, input, ID_LEN);
session->sslServer->session->sessionIDSz = ID_LEN;