wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2889 from JacobBarthelmeh/SanityChecks

Browse Source 
sanity check on input length before secure renegotiation compare
This commit is contained in:
toddouska
2020-04-14 09:21:29 -07:00
committed by GitHub
parent 416f0775d3 1ce0268477
commit a2892f66c0
1 changed files with 15 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/tls.c
View File

@ -4793,6 +4793,11 @@ static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, byte* input,
}
}
else if (*input == TLS_FINISHED_SZ) {
if (length < TLS_FINISHED_SZ + 1) {
WOLFSSL_MSG("SCR malformed buffer");
ret = BUFFER_E;
}
else {
input++; /* get past size */
/* validate client verify data */
@ -4807,6 +4812,7 @@ static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, byte* input,
WOLFSSL_MSG("SCR client verify data Failure");
}
}
}
#endif
}
else {