session: fix coverity warnings

Change-Id: I022dc40476ea9c30957b12bf1bd0629c6eb41cda
Signed-off-by: Florin Coras <fcoras@cisco.com>
diff --git a/src/vnet/session/session_api.c b/src/vnet/session/session_api.c
index ca739fa..9236b19 100755
--- a/src/vnet/session/session_api.c
+++ b/src/vnet/session/session_api.c
@@ -1131,6 +1131,11 @@
   memset (a, 0, sizeof (*a));
   a->app_index = app->index;
   cert_len = clib_net_to_host_u16 (mp->cert_len);
+  if (cert_len > 10000)
+    {
+      rv = VNET_API_ERROR_INVALID_VALUE;
+      goto done;
+    }
   vec_validate (a->cert, cert_len);
   clib_memcpy (a->cert, mp->cert, cert_len);
   if ((error = vnet_app_add_tls_cert (a)))
@@ -1166,6 +1171,11 @@
   memset (a, 0, sizeof (*a));
   a->app_index = app->index;
   key_len = clib_net_to_host_u16 (mp->key_len);
+  if (key_len > 10000)
+    {
+      rv = VNET_API_ERROR_INVALID_VALUE;
+      goto done;
+    }
   vec_validate (a->key, key_len);
   clib_memcpy (a->key, mp->key, key_len);
   if ((error = vnet_app_add_tls_key (a)))