aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/x509v3.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/tls/x509v3.c')
-rw-r--r--src/tls/x509v3.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/src/tls/x509v3.c b/src/tls/x509v3.c
index a9483cb7..751a268e 100644
--- a/src/tls/x509v3.c
+++ b/src/tls/x509v3.c
@@ -1783,6 +1783,15 @@ skip_digest_oid:
return -1;
}
+ if (hdr.payload + hdr.length < data + data_len) {
+ wpa_hexdump(MSG_INFO,
+ "X509: Extra data after certificate signature hash",
+ hdr.payload + hdr.length,
+ data + data_len - hdr.payload - hdr.length);
+ os_free(data);
+ return -1;
+ }
+
os_free(data);
wpa_printf(MSG_DEBUG, "X509: Certificate Digest matches with "
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-08 22:08:05 +0000