nts: check for negative length in NNA_DecryptAuthEF()

As other functions that accept a signed length, make sure it is sane in NNA_DecryptAuthEF() too.
2025-12-04 13:55:06 -05:00 · 2020-07-09 13:13:13 +02:00
parent 72ee80debe
commit db54bfc0c1
2 changed files with 7 additions and 0 deletions
--- a/nts_ntp_auth.c
+++ b/nts_ntp_auth.c
@@ -128,6 +128,9 @@ NNA_DecryptAuthEF(NTP_Packet *packet, NTP_PacketInfo *info, SIV_Instance siv, in
  void *ef_body;
  struct AuthHeader *header;

+  if (buffer_length < 0)
+    return 0;
+
  if (!NEF_ParseField(packet, info->length, ef_start,
                      NULL, &ef_type, &ef_body, &ef_body_length))
    return 0;