mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 15:50:51 +02:00
b7c3bbf101
In `quic_record_transfer()`, the unsigned subtraction `qr->end - qr->start` could wrap around if `end < start`, and the subsequent `len <= 0` check was ineffective on a `word32`. Move the comparison before the subtraction so the function returns `0` safely. In `GetEchConfig()`, `XSTRLEN(config->publicName)` was assigned to a single byte, silently truncating names longer than 255 characters while `XMEMCPY` still copied the full string. Add a 255-byte length validation in both `wolfSSL_CTX_GenerateEchConfig()` and `GetEchConfig()`, and cache the length in a local variable to avoid redundant `XSTRLEN` calls.