authorStefan Eissing <stefan@eissing.org>2023-02-07 09:34:49 +0100
committerDaniel Stenberg <daniel@haxx.se>2023-02-07 14:05:21 +0100
commit7dad86a03f8c5f131daa4a6cfc38da92e489b738 (patch)
tree48c57b15be07e4a794faba968868a696da15fd9a /lib
parent95fe2bba743464d5557fb4b4365b00cc37c29fcd (diff)
vrls: addressing issues reported by coverity
I believe the code was secure before this, but limiting the accepted name length to what is used in the structures should help Coverity's analysis. Closes #10431
Diffstat (limited to 'lib')
-rw-r--r--lib/vtls/vtls.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index e8ae3c05f..f5967ecb3 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -1954,7 +1954,7 @@ CURLcode Curl_alpn_to_proto_buf(struct alpn_proto_buf *buf,
memset(buf, 0, sizeof(*buf));
for(i = 0; spec && i < spec->count; ++i) {
len = strlen(spec->entries[i]);
- if(len > 255)
+ if(len >= ALPN_NAME_MAX)
return CURLE_FAILED_INIT;
blen = (unsigned char)len;
if(off + blen + 1 >= (int)sizeof(buf->data))
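Review bot: The `blen = (unsigned char)len;` cast right after the new check is only lossless while `ALPN_NAME_MAX` stays at or below 256, a limit the old literal 255 made explicit and the macro name does not. The macro is defined outside this hunk, so I would pin the assumption where it is defined with `#if ALPN_NAME_MAX > 256` / `#error "ALPN name length must fit the one-byte length prefix"` / `#endif`, or at least add a comment above the cast. Separately, `>=` now rejects a name of exactly ALPN_NAME_MAX bytes; a one-line comment stating whether the macro is a maximum length or a storage size would settle the boundary. The same check appears in Curl_alpn_to_proto_str in the next hunk. The function body starts and ends outside this hunk.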
@@ -1976,7 +1976,7 @@ CURLcode Curl_alpn_to_proto_str(struct alpn_proto_buf *buf,
memset(buf, 0, sizeof(*buf));
for(i = 0; spec && i < spec->count; ++i) {
len = strlen(spec->entries[i]);
- if(len > 255)
+ if(len >= ALPN_NAME_MAX)
return CURLE_FAILED_INIT;
if(off + len + 2 >= (int)sizeof(buf->data))
return CURLE_FAILED_INIT;
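Review bot: The bound check `if(off + len + 2 >= (int)sizeof(buf->data))` mixes signedness in a way that works against the stated goal of helping static analysis. `len` holds a strlen() result, so if it is declared `size_t` (the declarations are outside this hunk) the `(int)` cast is converted straight back to unsigned and adds nothing. With `len` now capped by ALPN_NAME_MAX the sum cannot wrap, but I would still do the comparison in one type, e.g. `if(off + len + 2 >= sizeof(buf->data))`. I would also add a short comment saying what the `+ 2` reserves, presumably a separator and the terminating NUL.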