From: Stefan Eissing
Date: Tue, 7 Feb 2023 08:34:49 +0000 (+0100)
Subject: vrls: addressing issues reported by coverity
X-Git-Tag: curl-7_88_0~52
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7dad86a03f8c5f131daa4a6cfc38da92e489b738;p=thirdparty%2Fcurl.git

vrls: addressing issues reported by coverity

I believe the code was secure before this, but limiting the accepted name length to what is used in the structures should help Coverity's analysis.

Closes #10431
---

diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index e8ae3c05ff..f5967ecb33 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -1954,7 +1954,7 @@ CURLcode Curl_alpn_to_proto_buf(struct alpn_proto_buf *buf,
 memset(buf, 0, sizeof(*buf));
 for(i = 0; spec && i < spec->count; ++i) {
 len = strlen(spec->entries[i]);
- if(len > 255)
+ if(len >= ALPN_NAME_MAX)
 return CURLE_FAILED_INIT;
 blen = (unsigned char)len;
 if(off + blen + 1 >= (int)sizeof(buf->data))
@@ -1976,7 +1976,7 @@ CURLcode Curl_alpn_to_proto_str(struct alpn_proto_buf *buf,
 memset(buf, 0, sizeof(*buf));
 for(i = 0; spec && i < spec->count; ++i) {
 len = strlen(spec->entries[i]);
- if(len > 255)
+ if(len >= ALPN_NAME_MAX)
 return CURLE_FAILED_INIT;
 if(off + len + 2 >= (int)sizeof(buf->data))
 return CURLE_FAILED_INIT;
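Review bot: With the literal 255 gone, nothing in Curl_alpn_to_proto_buf ties the `blen = (unsigned char)len;` cast to the one-byte length prefix any more. The cast is lossless only while ALPN_NAME_MAX is at most 256, and the macro's definition is not visible in this hunk. I would add a comment above the new check, `/* ALPN_NAME_MAX must not exceed 256: the length is stored in a single byte below */`, or a compile-time check next to the macro. The check also still accepts an empty entry (len == 0), which would be emitted as a zero-length protocol name; if callers can pass one, `if(!len || len >= ALPN_NAME_MAX)` rejects it here. The function body begins and ends outside the hunk.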
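Review bot: In Curl_alpn_to_proto_str the bounds test `if(off + len + 2 >= (int)sizeof(buf->data))` mixes signedness, unlike its counterpart in the first hunk. If `len` is a size_t, as the strlen() assignment suggests, the left-hand side is computed unsigned and the `(int)` cast on the right is converted straight back, so it has no effect. The new ALPN_NAME_MAX bound keeps the sum small, so this is about readability and compiler warnings rather than a reachable overflow. Writing it as `if((size_t)off + len + 2 >= sizeof(buf->data))` states the intended comparison directly. The declarations of `off` and `len` are outside the hunk, so the types should be confirmed there.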