- return statesments on new lines;

gasbytes · gasbytes · commit 4cd601cff985 · 2025-12-05T00:17:30.000+01:00
- return -1 on num_bytes = 0 (unsupported);
diff --git a/wolfssl-gnutls-wrapper/src/pk.c b/wolfssl-gnutls-wrapper/src/pk.c
@@ -1790,14 +1790,18 @@ static int wolfssl_pk_verify_rsa_pss(const gnutls_datum_t *vdata,
 static int parse_der_length(const byte* sig_data, word32 sig_len,
         word32* idx, word32* len)
 {
-    if (*idx >= sig_len) return -1;
+    if (*idx >= sig_len)
+        return -1;
 
     *len = sig_data[(*idx)++];
 
     if (*len & 0x80) {
         /* Long form length */
         word32 num_bytes = *len & 0x7F;
-        if (num_bytes > 4 || *idx + num_bytes > sig_len) return -1;
+
+        if (num_bytes == 0 || num_bytes > 4 || *idx + num_bytes > sig_len)
+            return -1;
+
         *len = 0;
         while (num_bytes--) {
             *len = (*len << 8) | sig_data[(*idx)++];
