mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix to make sure provided sigalgo list doesn't overflow the buffer.

Browse Source
This commit is contained in:
David Garske 2017-11-13 14:52:53 -08:00
parent 2b5c4ffa7f
commit 9f7e40ad5c
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/tls.c
View File

@ -4906,8 +4906,11 @@ static int TLSX_SignatureAlgorithms_Parse(WOLFSSL *ssl, byte* input,
if (length != OPAQUE16_LEN + len)
return BUFFER_ERROR;
XMEMCPY(suites->hashSigAlgo, input, len);
/* truncate hashSigAlgo list if too long */
suites->hashSigAlgoSz = len;
if (suites->hashSigAlgoSz > WOLFSSL_MAX_SIGALGO)
suites->hashSigAlgoSz = WOLFSSL_MAX_SIGALGO;
XMEMCPY(suites->hashSigAlgo, input, suites->hashSigAlgoSz);
return TLSX_SignatureAlgorithms_MapPss(ssl, input, len);
}