From 8c10c3776d8c5a3d7ebf52c6c2637b6f7eb3a798 Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner
Date: Fri, 27 May 2022 14:17:21 -0500
Subject: [PATCH] wolfcrypt/src/asn.c: in C89 codepath of GetFormattedTime(), add buffer size checks before calls to sprintf().
---
 wolfcrypt/src/asn.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 62c742123..c2545dd00 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -12389,6 +12389,10 @@ int GetFormattedTime(void* currTime, byte* buf, word32 len)
 mini = ts->tm_min;
 sec = ts->tm_sec;
 #if defined(WOLF_C89)
+ if (len < 14) {
+ WOLFSSL_MSG("buffer for GetFormattedTime is too short.");
+ return BUFFER_E;
+ }
 ret = XSPRINTF((char*)buf,
 #else
 ret = XSNPRINTF((char*)buf, len,
@@ -12405,6 +12409,10 @@ int GetFormattedTime(void* currTime, byte* buf, word32 len)
 mini = ts->tm_min;
 sec = ts->tm_sec;
 #if defined(WOLF_C89)
+ if (len < 16) {
+ WOLFSSL_MSG("buffer for GetFormattedTime is too short.");
+ return BUFFER_E;
+ }
 ret = XSPRINTF((char*)buf,
 #else
 ret = XSNPRINTF((char*)buf, len,
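Review bot: The new `len < 14` and `len < 16` guards in the WOLF_C89 branches only make the following XSPRINTF safe if every field prints at exactly its minimum width, because zero-padded `%d` conversions pad but never truncate. The format strings and the code that fills the remaining date fields sit outside both hunks, so I am assuming 13 and 15 characters plus the terminator; if any field can be negative or exceed its digit count (the time is derived from the caller-supplied `currTime`), the unbounded write can still run past `buf`. I would range-check the fields before the call, e.g. `if (mini < 0 || mini > 59 || sec < 0 || sec > 60) return BUFFER_E;` extended to the other fields, in both hunks. The bare 14 and 16 also deserve a named constant or a comment tying them to the format, such as `/* 13 characters of formatted time + NUL */`. GetFormattedTime's body starts and ends outside both hunks.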