Merge pull request #4912 from julek-wolfssl/ZD13742

Check `input` size in `DecodeNsCertType`
2022-03-03 08:22:49 -08:00 · 2022-03-03 08:22:49 -08:00 · 2567cd5e5a
commit 2567cd5e5a
parent 3a5f78b55a f846aceee2
1 changed files with 6 additions and 3 deletions
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@ -15876,13 +15876,16 @@ static int DecodeNsCertType(const byte* input, int sz, DecodedCert* cert)
    int len = 0;

    WOLFSSL_ENTER("DecodeNsCertType");
-    if (CheckBitString(input, &idx, &len, (word32)sz, 0, NULL) < 0) {
+
+    if (CheckBitString(input, &idx, &len, (word32)sz, 0, NULL) < 0)
        return ASN_PARSE_E;
-    }

    /* Don't need to worry about unused bits as CheckBitString makes sure
     * they're zero. */
-    cert->nsCertType = input[idx];
+    if (idx < (word32)sz)
+        cert->nsCertType = input[idx];
+    else
+        return ASN_PARSE_E;

    return 0;
 }