DH Fix

1. Check the length values for the DH key domain and public key in the
   server key exchange message to make sure they are within the bounds
   set by the configuration. (Minimum key size is 2048 bits for DH.)

src/internal.c

@@ -21178,6 +21178,9 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
     }
 
     ato16(input + args->idx, &length);
+    if (length < MIN_DHKEY_SZ || length > MAX_DHKEY_SZ) {
+        ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk);
+    }
     args->idx += OPAQUE16_LEN;
 
     if ((args->idx - args->begin) + length > size) {
@@ -21219,6 +21222,12 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
     }
 
     ato16(input + args->idx, &length);
+    if (length > MAX_DHKEY_SZ) {
+        XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
+                DYNAMIC_TYPE_PUBLIC_KEY);
+        ssl->buffers.serverDH_P.buffer = NULL;
+        ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk);
+    }
     args->idx += OPAQUE16_LEN;
 
     if ((args->idx - args->begin) + length > size) {
@@ -21256,6 +21265,16 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
     }
 
     ato16(input + args->idx, &length);
+    if (length < MIN_DHKEY_SZ || length > MAX_DHKEY_SZ) {
+        XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
+                DYNAMIC_TYPE_PUBLIC_KEY);
+        ssl->buffers.serverDH_P.buffer = NULL;
+        XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap,
+                DYNAMIC_TYPE_PUBLIC_KEY);
+        ssl->buffers.serverDH_G.buffer = NULL;
+        ERROR_OUT(BUFFER_ERROR, exit_gdpk);
+        ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk);
+    }
     args->idx += OPAQUE16_LEN;
 
     if ((args->idx - args->begin) + length > size) {