From 564248891e7addfca7484168380b97168b046d0d Mon Sep 17 00:00:00 2001 From: Roy Carter Date: Thu, 16 Apr 2026 13:24:11 +0300 Subject: [PATCH] Refactor - Change note to support maximum of 255 (based on RFC) for that we define maximum copy of <=254 to avoid buffer overflow attempts upon exactly 255.. --- wolfssl/internal.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 86fb9ab80c..620fb5cea2 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -1569,7 +1569,7 @@ enum Misc { SEED_LEN = RAN_LEN * 2, /* tls prf seed length */ ID_LEN = 32, /* session id length */ COOKIE_SECRET_SZ = 14, /* dtls cookie secret size */ - MAX_COOKIE_LEN = 255, /* max dtls cookie size per RFC 6347 (opaque<0..2^8-1>) */ + MAX_COOKIE_LEN = 254, /* max dtls cookie size per RFC 6347 (opaque<0..2^8-1>) more than 254 */ COOKIE_SZ = 20, /* use a 20 byte cookie */ SUITE_LEN = 2, /* cipher suite sz length */ ENUM_LEN = 1, /* always a byte */