Enforce max size of responses array in SendCertificateStatus.

Thanks to Zou Dikai for the report.
This commit is contained in:
Kareem
2026-04-06 15:30:00 -07:00
parent 5d0e050271
commit 78abd541ec
+9
View File
@@ -25925,6 +25925,10 @@ int SendCertificateStatus(WOLFSSL* ssl)
if (idx > chain->length)
break;
if ((i + 1) >= MAX_CERT_EXTENSIONS) {
ret = MAX_CERT_EXTENSIONS_ERR;
break;
}
ret = CreateOcspRequest(ssl, request, cert, der.buffer,
der.length, &ctxOwnsRequest);
if (ret == 0) {
@@ -25953,6 +25957,11 @@ int SendCertificateStatus(WOLFSSL* ssl)
else {
while (ret == 0 &&
NULL != (request = ssl->ctx->chainOcspRequest[i])) {
if ((i + 1) >= MAX_CERT_EXTENSIONS) {
ret = MAX_CERT_EXTENSIONS_ERR;
break;
}
request->ssl = ssl;
ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling,
request, &responses[++i], ssl->heap);