From 6c86ccabc172a46c89e2ee92f332b057f4ebb57e Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Tue, 17 Dec 2019 14:23:58 -0700
Subject: [PATCH] sanity check on auth name size

---
 src/internal.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 52398e12..2f4753e9 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -3763,6 +3763,12 @@ static int DoUserAuthRequest(WOLFSSH* ssh,
         ret = GetUint32(&authData.authNameSz, buf, len, &begin);
     }
 
+    if (ret == WS_SUCCESS) {
+        if (authData.authNameSz > len - begin) {
+            ret = WS_BUFFER_E;
+        }
+    }
+
     if (ret == WS_SUCCESS) {
         authData.authName = buf + begin;
         begin += authData.authNameSz;