CVE-2024-5991 Information

Description

In function MatchDomainName() input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically the function X509_check_host() takes in a pointer and length to check against with no requirements that it be NULL terminated. If a caller was attempting to do a name check on a non-NULL terminated buffer the code would read beyond the bounds of the input array until it found a NULL terminator.This issue affects wolfSSL: through 5.7.0.

Reference

https://https://github.com/wolfSSL/wolfssl/pull/7604