From 9aa1df44d1a807b874e9ca7b6ebe569a035833b8 Mon Sep 17 00:00:00 2001
From: Yosuke Shimizu
Date: Tue, 23 Jun 2026 11:56:27 +0900
Subject: [PATCH] examples/client: add cert-name length bounds check in ParseRFC6187
---
 examples/client/common.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/examples/client/common.c b/examples/client/common.c
index 30c513832..ed7e33d7d 100644
--- a/examples/client/common.c
+++ b/examples/client/common.c
@@ -331,6 +331,9 @@ static int ParseRFC6187(const byte* in, word32 inSz, byte** leafOut,
 /* Skip the name */
 ato32(in, &l);
+ if (l > inSz - sizeof(word32))
+ return WS_BUFFER_E;
+
 m += l + sizeof(word32);
 /* Get the cert count */
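Review bot: The added check `l > inSz - sizeof(word32)` is only sound when `inSz >= sizeof(word32)`: the subtraction is unsigned, so for a shorter input it wraps to a very large value and the check passes, and `ato32(in, &l)` on the line above has by then already read four bytes from `in`. ParseRFC6187 starts above the hunk, so such a guard may already exist there; if it does not, add `if (inSz < sizeof(word32)) return WS_BUFFER_E;` before the `ato32` call. The check also accepts `l == inSz - sizeof(word32)`, which leaves `m == inSz`, so the cert-count read that follows (outside the hunk) needs its own remaining-length check before it dereferences `in + m`. A one-line comment on the new check, e.g. `/* name length must fit in the remaining input */`, would record why the comparison is written as a subtraction rather than `l + sizeof(word32) > inSz`, which could overflow.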