From 7d17a80ba00fa8920fba45dbb56bbc0430c42268 Mon Sep 17 00:00:00 2001
From: Paul Adelsbach <paul.adelsbach@wolfssl.com>
Date: Tue, 3 Mar 2026 13:17:39 -0800
Subject: [PATCH] Fix string length check in dh/ecdh

---
 src/wp_dh_exch.c   | 4 +++-
 src/wp_ecdh_exch.c | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/wp_dh_exch.c b/src/wp_dh_exch.c
index 62377ba3..bf6392af 100644
--- a/src/wp_dh_exch.c
+++ b/src/wp_dh_exch.c
@@ -512,8 +512,10 @@ static int wp_dh_set_param_kdf_digest(wp_DhCtx* ctx, const OSSL_PARAM params[])
     }
     if (ok && (mdName != NULL)) {
         const char* mdProps = NULL;
+        size_t mdNameLen = OPENSSL_strnlen(mdName, sizeof(ctx->kdfMdName) - 1);
 
-        XMEMCPY(ctx->kdfMdName, mdName, XSTRLEN(mdName) + 1);
+        XMEMCPY(ctx->kdfMdName, mdName, mdNameLen);
+        ctx->kdfMdName[mdNameLen] = '\0';
         if (!wp_params_get_utf8_string_ptr(params,
                     OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS, &mdProps)) {
             ok = 0;
diff --git a/src/wp_ecdh_exch.c b/src/wp_ecdh_exch.c
index ee9aaf0c..e72bca1f 100644
--- a/src/wp_ecdh_exch.c
+++ b/src/wp_ecdh_exch.c
@@ -460,8 +460,10 @@ static int wp_ecdh_set_param_kdf_digest(wp_EcdhCtx* ctx,
     }
     if (ok && (mdName != NULL)) {
         const char* mdProps = NULL;
+        size_t mdNameLen = OPENSSL_strnlen(mdName, sizeof(ctx->kdfMdName) - 1);
 
-        XMEMCPY(ctx->kdfMdName, mdName, XSTRLEN(mdName) + 1);
+        XMEMCPY(ctx->kdfMdName, mdName, mdNameLen);
+        ctx->kdfMdName[mdNameLen] = '\0';
         if (!wp_params_get_utf8_string_ptr(params,
                     OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS, &mdProps)) {
             ok = 0;