wolfssl: check BIO read parameters

author Stefan Eissing <stefan@eissing.org>

Thu, 25 Sep 2025 09:25:17 +0000 (11:25 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Thu, 25 Sep 2025 12:05:50 +0000 (14:05 +0200)
author Stefan Eissing <stefan@eissing.org>
Thu, 25 Sep 2025 09:25:17 +0000 (11:25 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Thu, 25 Sep 2025 12:05:50 +0000 (14:05 +0200)
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c

index 693cbdc92e212e24cf8414e2f5e071df6cd921ac..0cf6e0e4a57a68c80010b1b9a4de3b7c3218f707 100644 (file)
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -362,8 +362,11 @@ static int wssl_bio_cf_in_read(WOLFSSL_BIO *bio, char *buf, int blen)
    CURLcode result = CURLE_OK;
  
    DEBUGASSERT(data);
-  /* OpenSSL catches this case, so should we. */
-  if(!buf)
+  if(!data || (blen < 0)) {
+    wssl->io_result = CURLE_FAILED_INIT;
+    return -1;
+  }
+  if(!buf || !blen)
      return 0;
  
    if((connssl->connecting_state == ssl_connect_2) &&
author	Stefan Eissing <stefan@eissing.org>
	Thu, 25 Sep 2025 09:25:17 +0000 (11:25 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Thu, 25 Sep 2025 12:05:50 +0000 (14:05 +0200)