From cfaed48f902aae5c8b39dc55df8793f93b8f3a8c Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Thu, 12 Apr 2018 14:40:20 -0600
Subject: [PATCH] adjust GetInt call with ASN1 integer to big number

---
 src/ssl.c     |  6 ++++--
 tests/api.c   | 12 +++++++-----
 wolfssl/ssl.h |  1 +
 3 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index f9bcad812..f9f38232c 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -18101,7 +18101,8 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_new(void)
     }
 
     XMEMSET(a, 0, sizeof(WOLFSSL_ASN1_INTEGER));
-    a->data = a->intData;
+    a->data    = a->intData;
+    a->dataMax = WOLFSSL_ASN1_INTEGER_MAX;
     return a;
 }
 
@@ -18138,6 +18139,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509* x509)
             wolfSSL_ASN1_INTEGER_free(a);
             return NULL;
         }
+        a->dataMax   = x509->serialSz + 2;
         a->isDynamic = 1;
     }
 
@@ -22911,7 +22913,7 @@ WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
         return NULL;
     }
 
-    if ((ret = GetInt(&mpi, ai->data, &idx, sizeof(ai->data))) != 0) {
+    if ((ret = GetInt(&mpi, ai->data, &idx, ai->dataMax)) != 0) {
         /* expecting ASN1 format for INTEGER */
         WOLFSSL_LEAVE("wolfSSL_ASN1_INTEGER_to_BN", ret);
         return NULL;
diff --git a/tests/api.c b/tests/api.c
index c074599ec..5c5ccd4ed 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -15995,7 +15995,7 @@ static void test_wolfSSL_BN(void)
     BIGNUM* b;
     BIGNUM* c;
     BIGNUM* d;
-    ASN1_INTEGER ai;
+    ASN1_INTEGER* ai;
     unsigned char value[1];
 
     printf(testingFmt, "wolfSSL_BN()");
@@ -16006,12 +16006,14 @@ static void test_wolfSSL_BN(void)
 
     value[0] = 0x03;
 
+    AssertNotNull(ai = ASN1_INTEGER_new());
     /* at the moment hard setting since no set function */
-    ai.data[0] = 0x02; /* tag for ASN_INTEGER */
-    ai.data[1] = 0x01; /* length of integer */
-    ai.data[2] = value[0];
+    ai->data[0] = 0x02; /* tag for ASN_INTEGER */
+    ai->data[1] = 0x01; /* length of integer */
+    ai->data[2] = value[0];
 
-    AssertNotNull(a = ASN1_INTEGER_to_BN(&ai, NULL));
+    AssertNotNull(a = ASN1_INTEGER_to_BN(ai, NULL));
+    ASN1_INTEGER_free(ai);
 
     value[0] = 0x02;
     AssertNotNull(BN_bin2bn(value, sizeof(value), b));
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index be7e95efd..8380d47ab 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -190,6 +190,7 @@ struct WOLFSSL_ASN1_INTEGER {
     /* ASN_INTEGER | LENGTH | hex of number */
 
     unsigned char* data;
+    word32 dataMax;   /* max size of data buffer */
     byte isDynamic:1; /* flag for if data pointer dynamic (1 is yes 0 is no) */
 };