wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix for infinite loop with CSR2

Browse Source
This commit is contained in:
Jacob Barthelmeh
2019-09-30 21:32:25 +07:00
parent 43476e80d4
commit e7c2892579
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/tls.c
View File

@ -3455,15 +3455,19 @@ static int TLSX_CSR2_Parse(WOLFSSL* ssl, byte* input, word16 length,
return BUFFER_ERROR;
ato16(input + offset, &size);
offset += OPAQUE16_LEN + size;
if (length - offset < size)
return BUFFER_ERROR;
offset += OPAQUE16_LEN + size;
/* skip request_extensions */
if (length - offset < OPAQUE16_LEN)
return BUFFER_ERROR;
ato16(input + offset, &size);
offset += OPAQUE16_LEN + size;
if (length - offset < size)
return BUFFER_ERROR;
offset += OPAQUE16_LEN + size;
if (offset > length)
return BUFFER_ERROR;