From a836a8499e0fc620358dddfd0ce1de95522460c1 Mon Sep 17 00:00:00 2001
From: Jonathan Winzig <jwinzig@hilscher.com>
Date: Wed, 10 Jan 2024 13:26:36 +0100
Subject: [PATCH] Fix Issue #8687

Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
---
 library/x509_create.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/library/x509_create.c b/library/x509_create.c
index 73789dad58..4ffd3b6a80 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -195,6 +195,10 @@ int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid,
 {
     mbedtls_asn1_named_data *cur;
 
+    if (val_len > (SIZE_MAX  - 1)) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
     if ((cur = mbedtls_asn1_store_named_data(head, oid, oid_len,
                                              NULL, val_len + 1)) == NULL) {
         return MBEDTLS_ERR_X509_ALLOC_FAILED;