touch up negative value sanity check, fix CID 210741 sanity check

JacobBarthelmeh · JacobBarthelmeh · commit a2032dfb36fc · 2023-10-27T14:50:13.000-06:00
diff --git a/src/x509.c b/src/x509.c
@@ -1558,7 +1558,7 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
                             XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
                             return rc;
                     }
-                    if (tmpLen + valLen > tmpSz) {
+                    if ((tmpLen + valLen) >= tmpSz) {
                         XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
                         return rc;
                     }
@@ -6482,7 +6482,8 @@ static int X509PrintSignature_ex(WOLFSSL_BIO* bio, byte* sig,
                     break;
                 }
             }
-            if (valLen >= ((int)sizeof(tmp) - tmpLen - 1)) {
+            if ((tmpLen < 0) || (valLen < 0) ||
+                    (valLen >= ((int)sizeof(tmp) - tmpLen - 1))) {
                 ret = WOLFSSL_FAILURE;
                 break;
             }

Original file line number	Diff line number	Diff line change
`@@ -1558,7 +1558,7 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO out, WOLFSSL_X509_EXTENSION ext,`
`1558`	`1558`	`XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);`
`1559`	`1559`	`return rc;`
`1560`	`1560`	`}`
`1561`		`- if (tmpLen + valLen > tmpSz) {`
	`1561`	`+ if ((tmpLen + valLen) >= tmpSz) {`
`1562`	`1562`	`XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);`
`1563`	`1563`	`return rc;`
`1564`	`1564`	`}`
`@@ -6482,7 +6482,8 @@ static int X509PrintSignature_ex(WOLFSSL_BIO* bio, byte* sig,`
`6482`	`6482`	`break;`
`6483`	`6483`	`}`
`6484`	`6484`	`}`
`6485`		`- if (valLen >= ((int)sizeof(tmp) - tmpLen - 1)) {`
	`6485`	`+ if ((tmpLen < 0) \|\| (valLen < 0) \|\|`
	`6486`	`+ (valLen >= ((int)sizeof(tmp) - tmpLen - 1))) {`
`6486`	`6487`	`ret = WOLFSSL_FAILURE;`
`6487`	`6488`	`break;`
`6488`	`6489`	`}`