tls13: Add missing overread check in Certificate msg parsing. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

commit: 2b1a43c1011a03ae0050273b390cccd6d78853fc [log] [tgz]
author: Ronald Cron <ronald.cron@arm.com> Fri Jun 10 17:03:54 2022 +0200
committer: Ronald Cron <ronald.cron@arm.com> Mon Jun 27 09:28:49 2022 +0200
tree: f9d56c0b412437dcae2953a12541c0cd55f2ba65
parent: e7b9b6b3805a1217b7c8922891f29d48dd9ec041 [diff]
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 2ddefc3..7d0559b 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c

@@ -446,6 +446,7 @@
 
     mbedtls_x509_crt_init( ssl->session_negotiate->peer_cert );
 
+    MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, certificate_list_len );
     certificate_list_end = p + certificate_list_len;
     while( p < certificate_list_end )
     {
commit	2b1a43c1011a03ae0050273b390cccd6d78853fc	[log] [tgz]
author	Ronald Cron <ronald.cron@arm.com>	Fri Jun 10 17:03:54 2022 +0200
committer	Ronald Cron <ronald.cron@arm.com>	Mon Jun 27 09:28:49 2022 +0200
tree	f9d56c0b412437dcae2953a12541c0cd55f2ba65
parent	e7b9b6b3805a1217b7c8922891f29d48dd9ec041 [diff]