mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #5076 from JacobBarthelmeh/fuzzing

Browse Source 
fix for sanity check on PKCS7 indef read
This commit is contained in:
David Garske 2022-04-27 09:34:34 -07:00 committed by GitHub
commit 7e803f346d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
wolfcrypt/src/pkcs7.c
View File

@ -4610,10 +4610,15 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
/* if indef, skip EOF */ /* if indef, skip EOF */
if (isIndef && pkiMsg[idx] == ASN_EOC && pkiMsg[idx+1] == 0) { if (isIndef) {
if (idx + 1 >= pkiMsgSz) {
ret = ASN_PARSE_E;
}
else if (pkiMsg[idx] == ASN_EOC && pkiMsg[idx+1] == 0) {
idx += 2; /* skip EOF + zero byte */ idx += 2; /* skip EOF + zero byte */
} }
} }
}
if (ret != 0) if (ret != 0)
break; break;