WPS: Extra validation step for HTTP reader

Verify that ncopy parameter to memcpy is not negative. While this is not
supposed to be needed, it is a good additional protection against
unknown implementation issues.

Signed-off-by: Jouni Malinen <j@w1.fi>

src/wps/httpread.c

@@ -608,6 +608,11 @@ static void httpread_read_handler(int sd, void *eloop_ctx, void *sock_ctx)
 				ncopy = nread;
 			}
 			/* Note: should never be 0 */
+			if (ncopy < 0) {
+				wpa_printf(MSG_DEBUG,
+					   "httpread: Invalid ncopy=%d", ncopy);
+				goto bad;
+			}
 			if (ncopy > nread)
 				ncopy = nread;
 			os_memcpy(bbp, rbp, ncopy);