From 8fac3fffead13282f76e18cc18283e73c0d7dbbc Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Fri, 24 Jun 2016 13:57:09 -0600
Subject: [PATCH] fix possible out of bounds read in PemToDer, CU #1

---
 src/ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ssl.c b/src/ssl.c
index 82295ef6c..202972f22 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -3534,7 +3534,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
         /* eat end of line */
         if (consumedEnd[0] == '\n')
             consumedEnd++;
-        else if (consumedEnd[1] == '\n')
+        else if ((consumedEnd + 1 < bufferEnd) && consumedEnd[1] == '\n')
             consumedEnd += 2;
         else {
             if (info)