From 9f6e28e800b2e6fcf49ebee27ee554a29dde3557 Mon Sep 17 00:00:00 2001
From: "Yang, Longlong" <longlong.yang@intel.com>
Date: Wed, 12 Jun 2024 21:09:44 -0400
Subject: [PATCH] fix out-of-bounds issue for certificate response.

fix #97

Signed-off-by: Yang, Longlong <longlong.yang@intel.com>
---
 spdmlib/src/requester/encap_certificate.rs | 2 +-
 spdmlib/src/responder/certificate_rsp.rs   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/spdmlib/src/requester/encap_certificate.rs b/spdmlib/src/requester/encap_certificate.rs
index ed94281..0d379f6 100644
--- a/spdmlib/src/requester/encap_certificate.rs
+++ b/spdmlib/src/requester/encap_certificate.rs
@@ -101,7 +101,7 @@ impl RequesterContext {
         }
 
         let offset = get_certificate.offset;
-        if offset > my_cert_chain.data_size {
+        if offset >= my_cert_chain.data_size {
             self.encode_encap_error_response(
                 SpdmErrorCode::SpdmErrorInvalidRequest,
                 0,
diff --git a/spdmlib/src/responder/certificate_rsp.rs b/spdmlib/src/responder/certificate_rsp.rs
index 76c33ae..7a37a73 100644
--- a/spdmlib/src/responder/certificate_rsp.rs
+++ b/spdmlib/src/responder/certificate_rsp.rs
@@ -125,7 +125,7 @@ impl ResponderContext {
         }
 
         let offset = get_certificate.offset;
-        if offset > my_cert_chain.data_size {
+        if offset >= my_cert_chain.data_size {
             self.write_spdm_error(SpdmErrorCode::SpdmErrorInvalidRequest, 0, writer);
             return (
                 Err(SPDM_STATUS_INVALID_MSG_FIELD),