mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #5076 from JacobBarthelmeh/fuzzing

Browse Source 
fix for sanity check on PKCS7 indef read
This commit is contained in:
David Garske 2022-04-27 09:34:34 -07:00 committed by GitHub
commit 7e803f346d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
wolfcrypt/src/pkcs7.c
View File

@ -4610,8 +4610,13 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
ret = ASN_PARSE_E;
}
/* if indef, skip EOF */
if (isIndef && pkiMsg[idx] == ASN_EOC && pkiMsg[idx+1] == 0) {
idx += 2; /* skip EOF + zero byte */
if (isIndef) {
if (idx + 1 >= pkiMsgSz) {
ret = ASN_PARSE_E;
}
else if (pkiMsg[idx] == ASN_EOC && pkiMsg[idx+1] == 0) {
idx += 2; /* skip EOF + zero byte */
}
}
}