From a696d11519aadd80ba89eb0686b65827d034d41b Mon Sep 17 00:00:00 2001 From: Ruby Martin Date: Wed, 25 Mar 2026 15:56:08 -0600 Subject: [PATCH] if len is 0, do not subtract 1 when calling XMALLOC --- src/tls13.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tls13.c b/src/tls13.c index e026add383..32428b2114 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -5877,7 +5877,7 @@ static int DoTls13CertificateRequest(WOLFSSL* ssl, const byte* input, * Increase size to handle other implementations sending more than one byte. * That is, allocate extra space, over one byte, to hold the context value. */ - certReqCtx = (CertReqCtx*)XMALLOC(sizeof(CertReqCtx) + len - 1, ssl->heap, + certReqCtx = (CertReqCtx*)XMALLOC(sizeof(CertReqCtx) + (len == 0 ? 0 : len - 1), ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); if (certReqCtx == NULL) return MEMORY_E;