mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #6924 from JacobBarthelmeh/srtp

Browse Source 
sanity check on length before ato16 with SRTP
This commit is contained in:
David Garske 2023-10-28 16:13:06 -07:00 committed by GitHub
commit 2c91ecb466
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/tls.c
View File

@ -5820,6 +5820,12 @@ static int TLSX_UseSRTP_Parse(WOLFSSL* ssl, const byte* input, word16 length,
/* parse remainder one profile at a time, looking for match in CTX */
ret = 0;
for (i=offset; i<length; i+=OPAQUE16_LEN) {
if (length < (i + OPAQUE16_LEN)) {
WOLFSSL_MSG("Unexpected length when parsing SRTP profile");
ret = BUFFER_ERROR;
break;
}
ato16(input+i, &profile_value);
/* find first match */
if (profile_value < 16 &&