tls13: avoid buffer overflow with size check

For cases where a private key larger than the configured
maximum is passed.
Elms
2021-07-29 12:56:58 -07:00
parent 3e894a9804
commit d8a54e1a32


@ -6073,6 +6073,10 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
case TLS_ASYNC_BUILD:
{
int rem = ssl->buffers.outputBuffer.bufferSize
- ssl->buffers.outputBuffer.length
- RECORD_HEADER_SZ - HANDSHAKE_HEADER_SZ;
/* idx is used to track verify pointer offset to output */
args->idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
args->verify =
@ -6092,6 +6096,10 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
goto exit_scv;
}
if (rem < 0 || args->length > rem) {
ERROR_OUT(BUFFER_E, exit_scv);
}
if (args->length == 0) {
ERROR_OUT(NO_PRIVATE_KEY, exit_scv);
}