From 8939b43735e60f0de541ac43f5c5b4afaf90b3bb Mon Sep 17 00:00:00 2001
From: Ankur Tyagi
Date: Thu, 30 Apr 2026 23:46:43 +1200
Subject: [PATCH] wolfssl: patch CVE-2026-5392
Backport commit from the PR[1] mentioned in the nvd[2]
[1]https://github.com/wolfSSL/wolfssl/pull/10039
[2]https://nvd.nist.gov/vuln/detail/CVE-2026-5392
Dropped unit test changes during the backport.
Signed-off-by: Ankur Tyagi
Signed-off-by: Anuj Mittal
---
.../wolfssl/files/CVE-2026-5392.patch | 33 +++++++++++++++++++
.../wolfssl/wolfssl_5.8.0.bb | 1 +
2 files changed, 34 insertions(+)
create mode 100644 meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5392.patch
diff --git a/meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5392.patch b/meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5392.patch
new file mode 100644
index 0000000000..a442ea326b
--- /dev/null
+++ b/meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5392.patch
@@ -0,0 +1,33 @@
+From 02c53b7cb22ba520d1b9a061476a1066eef45a42 Mon Sep 17 00:00:00 2001
+From: Anthony Hu
+Date: Fri, 20 Mar 2026 21:32:14 -0400
+Subject: [PATCH] Add bounds check in PKCS7 streaming indefinite-length
+ end-of-content parsing
+
+(cherry picked from commit 6721bde8e0f4074b76c1ea5e8987b8c2a746b3fa)
+
+CVE: CVE-2026-5392
+Upstream-Status: Backport [https://github.com/wolfSSL/wolfssl/commit/6721bde8e0f4074b76c1ea5e8987b8c2a746b3fa]
+
+Dropped unit test changes during the backport.
+
+Signed-off-by: Ankur Tyagi
+---
+ wolfcrypt/src/pkcs7.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
+index a8545ba0a..92dab5080 100644
+--- a/wolfcrypt/src/pkcs7.c
++++ b/wolfcrypt/src/pkcs7.c
+@@ -6485,6 +6485,10 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
+ word32 sz = (word32)pkcs7->stream->cntIdfCnt * ASN_INDEF_END_SZ;
+ localIdx = idx;
+ for (i = 0; i < sz; i++) {
++ if (localIdx + i >= pkiMsg2Sz) {
++ ret = ASN_PARSE_E;
++ break;
++ }
+ if (pkiMsg2[localIdx + i] == 0)
+ continue;
+ else {
diff --git a/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.8.0.bb b/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.8.0.bb
index 29ff6d6ba9..a2d184fd54 100644
--- a/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.8.0.bb
+++ b/meta-networking/recipes-connectivity/wolfssl/wolfssl_5.8.0.bb
@@ -40,6 +40,7 @@ SRC_URI = " \
 file://CVE-2026-1005.patch \
 file://CVE-2026-3580.patch \
 file://CVE-2026-5188.patch \
+ file://CVE-2026-5392.patch \
 "
 SRCREV = "b077c81eb635392e694ccedbab8b644297ec0285"
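Review bot: The guard added at the top of the `for (i = 0; i < sz; i++)` loop in pkcs7.c has no comment, and the reason it is needed is not evident from the surrounding lines: `sz` is computed from `pkcs7->stream->cntIdfCnt`, and nothing visible in the hunk bounds it by the bytes remaining in `pkiMsg2`. A one-line comment above the check would record that, for example `/* sz is derived from the indefinite-length count, not from pkiMsg2Sz; stop before reading past the buffer */`. The patch header says the upstream unit test was dropped in the backport, so the truncated end-of-content case appears to have no regression coverage in this recipe; carrying the test, or stating why it could not be applied to 5.8.0, would help at the next version bump. PKCS7_VerifySignedData starts and ends outside the hunk, so whether `ret` is acted on directly after the loop cannot be confirmed from here.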