Make sure size check doesn't underflow

F-30
This commit is contained in:
Juliusz Sosinowicz
2026-03-06 17:05:35 +01:00
parent 80938758ac
commit 5e22d04baf
+3 -1
View File
@@ -22880,8 +22880,10 @@ default:
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version)) {
tooLong = ssl->curSize > MAX_TLS13_ENC_SZ;
tooLong |= ssl->curSize - ssl->specs.aead_mac_size >
if (ssl->specs.aead_mac_size < ssl->curSize) {
tooLong |= ssl->curSize - ssl->specs.aead_mac_size >
MAX_TLS13_PLAIN_SZ;
}
}
#endif
#ifdef WOLFSSL_EXTRA_ALERTS