wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add check for buffer size versus pad size in DoCertificateStatus()

Browse Source
This commit is contained in:
John Safranek
2018-12-12 12:48:30 -08:00
parent b145aab6b2
commit f715d9179c
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/internal.c
View File

@@ -10252,8 +10252,11 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (ret != 0) if (ret != 0)
SendAlert(ssl, alert_fatal, bad_certificate_status_response); SendAlert(ssl, alert_fatal, bad_certificate_status_response);
if (IsEncryptionOn(ssl, 0)) if (IsEncryptionOn(ssl, 0)) {
if (*inOutIdx + ssl->keys.padSz > size)
return BUFFER_E;
*inOutIdx += ssl->keys.padSz; *inOutIdx += ssl->keys.padSz;
}
WOLFSSL_LEAVE("DoCertificateStatus", ret); WOLFSSL_LEAVE("DoCertificateStatus", ret);
WOLFSSL_END(WC_FUNC_CERTIFICATE_STATUS_DO); WOLFSSL_END(WC_FUNC_CERTIFICATE_STATUS_DO);