additional sanity check on alert message size

This commit is contained in:
JacobBarthelmeh
2026-06-15 16:49:54 -06:00
parent 994a1fbacc
commit 68422e84de
+2 -1
View File
@@ -22127,7 +22127,8 @@ static int DoAlert(WOLFSSL* ssl, byte* input, word32* inOutIdx, int* type)
dataSz -= ssl->keys.padSz;
/* make sure can read the message */
if (dataSz != ALERT_SIZE) {
if (dataSz != ALERT_SIZE ||
*inOutIdx + ALERT_SIZE > ssl->buffers.inputBuffer.length) {
#ifdef WOLFSSL_EXTRA_ALERTS
SendAlert(ssl, alert_fatal, unexpected_message);
#endif