From b734c47cc90261d32822a34650f18857d7bcb510 Mon Sep 17 00:00:00 2001 From: Koji Takeda Date: Thu, 26 Jun 2025 17:48:52 +0900 Subject: [PATCH] Check the len range stricter --- wolfcrypt/src/asn.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index cb20eb5ea..50df12383 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -3259,6 +3259,10 @@ int SetShortInt(byte* output, word32* inOutIdx, word32 number, word32 maxIdx) else len = BytePrecision(number); + /* clarify the len range to prepare for the next right bit shifting */ + if (len < 1 || len > sizeof(number)) { + return ASN_PARSE_E; + } if (number >> (WOLFSSL_BIT_SIZE * len - 1)) { /* Need one byte of zero value not to be negative number */ extraByte = 1;