WolfSSL
/
wolfssh
mirror of https://github.com/wolfSSL/wolfssh.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #90 from JacobBarthelmeh/fuzz 

fix for possible overflow with sanity check
pull/91/head
John Safranek 2018-08-14 10:38:37 -07:00 committed by GitHub
parent 7e62b48c66 962ee5a06b
commit 1a0be6492f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/internal.c
View File

@ -2204,7 +2204,7 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
begin = *idx;
pubKey = buf + begin;
ret = GetUint32(&pubKeySz, buf, len, &begin);
if (ret == WS_SUCCESS && (pubKeySz + LENGTH_SZ + begin > len)) {
if (ret == WS_SUCCESS && (pubKeySz > len - LENGTH_SZ - begin )) {
ret = WS_BUFFER_E;
}