mirror of https://github.com/wolfSSL/wolfssh.git
Fuzz Test Fixes
1. Add a maximum packet size value and verify the read packet size.pull/67/head
parent
a528f57840
commit
37eb1bc59d
|
@ -4392,6 +4392,9 @@ int DoReceive(WOLFSSH* ssh)
|
|||
/* Peek at the packet_length field. */
|
||||
ato32(ssh->inputBuffer.buffer + ssh->inputBuffer.idx,
|
||||
&ssh->curSz);
|
||||
if (ssh->curSz > MAX_PACKET_SZ - (word32)peerMacSz - LENGTH_SZ)
|
||||
return WS_OVERFLOW_E;
|
||||
|
||||
ssh->processReplyState = PROCESS_PACKET_FINISH;
|
||||
FALL_THROUGH;
|
||||
|
||||
|
|
|
@ -130,6 +130,10 @@ enum {
|
|||
#ifndef DEFAULT_NEXT_CHANNEL
|
||||
#define DEFAULT_NEXT_CHANNEL 0
|
||||
#endif
|
||||
#ifndef MAX_PACKET_SZ
|
||||
/* This is from RFC 4253 section 6.1. */
|
||||
#define MAX_PACKET_SZ 35000
|
||||
#endif
|
||||
|
||||
|
||||
WOLFSSH_LOCAL byte NameToId(const char*, word32);
|
||||
|
|
Loading…
Reference in New Issue