From 45444d1cd2f8148f20f082ac8dd0cb72c023f7e4 Mon Sep 17 00:00:00 2001
From: Guido Vranken <guidovranken@gmail.com>
Date: Mon, 7 Aug 2023 08:45:13 +0200
Subject: [PATCH] Add bounds check to GetIntPositive

---
 wolfcrypt/src/asn.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 01bde0844a..e2e0276c09 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -3283,6 +3283,10 @@ static int GetIntPositive(mp_int* mpi, const byte* input, word32* inOutIdx,
     if (ret != 0)
         return ret;
 
+    if (idx < 1 || idx >= maxIdx) {
+        return BUFFER_E;
+    }
+
     if (((input[idx] & 0x80) == 0x80) && (input[idx - 1] != 0x00))
         return MP_INIT_E;