From 6c197df130fe619f3ec110a66115fe3532a19405 Mon Sep 17 00:00:00 2001
From: Anthony Hu <anthony@wolfssl.com>
Date: Fri, 20 Mar 2026 21:32:14 -0400
Subject: [PATCH] Add bounds check in PKCS7 streaming indefinite-length
 end-of-content parsing

---
 certs/pkcs7-indef-len-signed-data.bin | Bin 0 -> 1865 bytes
 tests/api/test_pkcs7.c                |  44 ++++++++++++++++++++++++++
 tests/api/test_pkcs7.h                |   4 ++-
 wolfcrypt/src/pkcs7.c                 |   4 +++
 4 files changed, 51 insertions(+), 1 deletion(-)
 create mode 100644 certs/pkcs7-indef-len-signed-data.bin

diff --git a/certs/pkcs7-indef-len-signed-data.bin b/certs/pkcs7-indef-len-signed-data.bin
new file mode 100644
index 0000000000000000000000000000000000000000..d03715ec18012f4dd30e6dbc10af617c106b6713
GIT binary patch
literal 1865
zcmchX`B#%?7RU3xA&Dd*fPe{$K`1TLu)PV1q*9Pd89<2*39A?-2g6oK5Mo(GNdmP9
z0ycso4om=LX`rG3R1k}@t1MCwWK#rDKmx>#LV?mcGlw&OK<{tQJ@+}!{eI8$`9dP3
zI_Z?#sSg?e3Y3W;5eNWe45W@kSm5BG0RjeX8USP>Gm)AEUbndk|9A^V7B@oT1`vQj
zpFvwGS`ZEi_f~^rQ7&=Z$fyV&s0AyWB>Jo~c;kk!T`l+ck&wp!o(2E}Oie5jAy>!u
zmxYBGD48!j>p5edFE7nsp#})UE7KSIFCy$~<7zzv+>5Yh;xER2uUY;h$)IL9|Kzsp
zET133Mzivh-yu|faU$Up{MpX#&I<8Sj;KD`Hvb%KSY7QoEW@UfE?9;gSH>%!GCfvu
z%c)-OxP5nmZj{E})1!G|Y%|(6%K{)><d%=lz)@;jFb2kqJ63rr*@k|wDqBj=4L{E^
zW<F^-t>tjJY~kg;S566z!wWx>eThG7hMIY;O;g`qWuc~iI!XVsDK8=Q(=IJecP3;y
zcFm3OMvJJ5BNlv+GG6zLI$BeC2b*m$zqdf`J11D$gUhGQ!LEOV5@Qaw-IEp+U73!l
zd8soItG$d^C=4?`;ZO-p&ifZGw^ps|x@O6{^AlhB%@q&p&I~0!BxrYH)^F@gEw^a|
z6|W8#O*h!{YjjV{uq{%$!o`g9)d<PJyn&Z$>pbIxvBB%Uom5Ae_4ZGS?UItm17mB*
z8ndn=BnQ=T$aOVbydw`|X`hEXq_iCq(ei(7<UiX5{tH0Ne)@Un=sx#$Ke>+Q_BT1t
z+Ee|*OE}jFldCzIJE#Lli9K=U!Bw{1FOn(wd-}6W!F{}T7l#|Qc#FAjUQW7b6t&?=
zku7Nst#lc-+<Ig%-}n-|-E((IaKLwzD?I$w6)HOx6Jn7V%RW~zi&=c<Wb9;f9AM`d
z-(SroG?Xmp7)54;B;VFKHCp{V{Bc1%b4&(5Ih8ckaRzP_aMy9_jJ0}$^Jwr`cXQ{Y
z%&u%#Mi5p9HvrEl^cTP2#3-h+kfhz)2QbYh4+S`9YU95%qK=py>ekIQz5LcXJtyKr
zs4`Glmxc`_SR53@y5(H2c~JG?*MRmJmO8{W;@A5Yy0IJ{hZIK|O35=mD`tl-O4l7t
z>ySRgx!kI~EO+j2ZYQd16*Y5!dE>(|r2e<|nD->Y^a!h@w(kxr2VtFxOV#GHP6g4i
z5B055F^>@YCf4j1TP3DRd!IuoNSGa3AhQ@>Fd4Z(9!iUluLgD+4vPs6LC&!+Sklby
zbk%n7?DxMUH=wFD&5fefZt9*yM#{e)FtT)ItM?y~-mG{O_q@Ktzr6!}j@(OZoFd;m
zu)GfYzuG`n0%t%HkS2qJ00;u;%`hT1s1N@u1U3jp>VV#C@_%sNf<-X|d?A<5{ci__
zMePwJ@FKZ<vL2-KC-P`4HdYW3%w~HWW;?qu$vYt8$0Wcz^P+`e!C^sMVVHow<EvxB
zP(gH<Fdib}HOO>`0?{ZGDg@abz-v$_n~s0$E)u|WvlSb;1eXAsFh~NRK?wlBI<iyU
z{9kEOlNVHbEd3&G6$Z|gcOJTBD<ow@MFh#&;&(@!l#xen>k)WvYm@q=eVh=RcLB$E
zLl9saFB(kgD0Y7<H}op}fsQ`hpV%KW@ssnk5rs91IDBl0s~6d(uV5*P>mm-W_1=m;
z+EUS5;A&@?vV`|m(7X@O9!P1*`}eOecA%9VYp>lvU$Z+G$3=mmi_#`fYultAuPl9m
z*+6yIVA<=5MMWm9`+~;jpFQO_*?!~Ais5CyO}$?-pw_6W%#1N_?Yb77yu4THk>=;|
zeyR7t)}hK6C+0lLpYzWzW}Nc1=3weQ0Qf~q%p2-&-|peSyxQ2BqGbzn5DvhA%?@pR
zmJNphm}9cs;n;X56LeP{O<W6>Y7K*r(jS-gZd)lHZ51v>xjpeM5R<T$KC9gGJ&2T^
zS=Xt~s5-fUUEN$bT866iU7hIn^RTQaF|?*UA-jBuFO3+QsJ)vp&@yCJ?@kL;0a-bv
zGgc$J!(Qx!+a!$6O8lSZ4Vut(eNaU%-)YNIMr@QhG>PGI^X+D4365b9(05c3d})8w
zSwg8viSJr!7$V{mh^Bc<6Ez;!R2(8ozPU>%GE}x$U5PJK_`yl~d-Tv3Bul1Mr<?rJ
z3fs3?Wipa3N8Jc;N*CWfAof|pS$Z&AIp-o0#!SfXb@zW=GjcWfn%v0V^dnn;08Nzv
Avj6}9

literal 0
HcmV?d00001

diff --git a/tests/api/test_pkcs7.c b/tests/api/test_pkcs7.c
index 78ae915e8d2..b5404dccd56 100644
--- a/tests/api/test_pkcs7.c
+++ b/tests/api/test_pkcs7.c
@@ -4856,3 +4856,47 @@ int test_wc_PKCS7_VerifySignedData_PKCS7ContentSeq(void)
     return EXPECT_RESULT();
 }
 
+/*
+ * Test PKCS7 VerifySignedData with indefinite-length BER-encoded SignedData
+ * containing mismatched nesting depth. Verifies bounds checking in the
+ * end-of-content octet verification loop in streaming mode.
+ */
+int test_wc_PKCS7_VerifySignedData_IndefLenOOB(void)
+{
+    EXPECT_DECLS;
+#if defined(HAVE_PKCS7) && !defined(NO_PKCS7_STREAM) && !defined(NO_FILESYSTEM)
+    PKCS7* pkcs7 = NULL;
+    char   fName[] = "./certs/pkcs7-indef-len-signed-data.bin";
+    XFILE  f = XBADFILE;
+    byte*  der = NULL;
+    word32 derSz = 0;
+
+    /* PKCS#7 SignedData with indefinite-length BER encoding where the
+     * nesting depth exceeds the available end-of-content octets. */
+    ExpectTrue((f = XFOPEN(fName, "rb")) != XBADFILE);
+    if (f != XBADFILE) {
+        XFSEEK(f, 0, XSEEK_END);
+        derSz = (word32)XFTELL(f);
+        XFSEEK(f, 0, XSEEK_SET);
+        ExpectNotNull(der = (byte*)XMALLOC(derSz, HEAP_HINT,
+                                           DYNAMIC_TYPE_TMP_BUFFER));
+        if (der != NULL) {
+            ExpectTrue(XFREAD(der, 1, derSz, f) == derSz);
+        }
+        XFCLOSE(f);
+    }
+
+    if (der != NULL) {
+        /* Should return a parse error for malformed input */
+        ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+        ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+        ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+        ExpectIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
+        wc_PKCS7_Free(pkcs7);
+    }
+
+    XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+
+#endif /* HAVE_PKCS7 && !NO_PKCS7_STREAM && !NO_FILESYSTEM */
+    return EXPECT_RESULT();
+}
diff --git a/tests/api/test_pkcs7.h b/tests/api/test_pkcs7.h
index 21e923011b3..084744d43c6 100644
--- a/tests/api/test_pkcs7.h
+++ b/tests/api/test_pkcs7.h
@@ -58,6 +58,7 @@ int test_wc_PKCS7_SetOriDecryptCtx(void);
 int test_wc_PKCS7_DecodeCompressedData(void);
 int test_wc_PKCS7_DecodeEnvelopedData_multiple_recipients(void);
 int test_wc_PKCS7_VerifySignedData_PKCS7ContentSeq(void);
+int test_wc_PKCS7_VerifySignedData_IndefLenOOB(void);
 
 
 #define TEST_PKCS7_DECLS                                        \
@@ -92,7 +93,8 @@ int test_wc_PKCS7_VerifySignedData_PKCS7ContentSeq(void);
     TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_Degenerate),              \
     TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_BER),                     \
     TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_NoDefaultSignedAttribs),  \
-    TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_VerifySignedData_PKCS7ContentSeq)
+    TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_VerifySignedData_PKCS7ContentSeq), \
+    TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_VerifySignedData_IndefLenOOB)
 
 #define TEST_PKCS7_ENCRYPTED_DATA_DECLS                                     \
     TEST_DECL_GROUP("pkcs7_ed", test_wc_PKCS7_DecodeEnvelopedData_stream),  \
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index 5a02c97d219..ac1bd0474e6 100644
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -6897,6 +6897,10 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
                 word32 sz = (word32)pkcs7->stream->cntIdfCnt * ASN_INDEF_END_SZ;
                 localIdx = idx;
                 for (i = 0; i < sz; i++) {
+                    if (localIdx + i >= pkiMsg2Sz) {
+                        ret = ASN_PARSE_E;
+                        break;
+                    }
                     if (pkiMsg2[localIdx + i] == 0)
                         continue;
                     else {