Merge pull request #3908 from embhorn/zd11866

Sanity check size in TLSX_Parse
2021-04-07 16:34:56 -07:00 · 2021-04-07 16:34:56 -07:00 · 3b9e7942ea
commit 3b9e7942ea
parent b3177ffc17 11189fe386
1 changed files with 1 additions and 1 deletions
--- a/src/tls.c
+++ b/src/tls.c
@ -11049,7 +11049,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
        ato16(input + offset, &size);
        offset += OPAQUE16_LEN;

-        if (offset + size > length)
+        if (length - offset < size)
            return BUFFER_ERROR;

        switch (type) {