extra sanity check on RSA decrypt argument

Author: JacobBarthelmeh

tests/api/test_rsa.c

@@ -822,7 +822,10 @@ int test_wc_RsaPublicEncryptDecrypt(void)
     ExpectIntGE(wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, plainLen,
         &key), 0);
     ExpectIntEQ(XMEMCMP(plain, inStr, plainLen), 0);
-    /* Pass bad args - tested in another testing function.*/
+
+    /* Pass bad args - additionally tested in another testing function.*/
+    ExpectIntEQ(wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, inLen - 1,
+        &key), RSA_BUFFER_E);
 
     WC_FREE_VAR(in, NULL);
     WC_FREE_VAR(plain, NULL);

wolfcrypt/src/rsa.c

@@ -3638,7 +3638,7 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
                     word32 j;
                     int start = (int)((size_t)pad - (size_t)key->data);
 
-                    for (j = 0; j < key->dataLen; j++) {
+                    for (j = 0; j < key->dataLen && i < outLen; j++) {
                         signed char c;
                         out[i] = key->data[j];
                         c  = (signed char)ctMaskGTE((int)j, start);