author | Ben Laurie <ben@openssl.org> | 2010-06-12 13:18:58 +0000 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 2010-06-12 13:18:58 +0000 |
commit | d886975835e7e430aeda6ecb1653363b463bc9cf (patch) | |
tree | 03ec369d422a0585dc36abb091a4d96ed90e128f /ssl/t1_lib.c | |
parent | 22872a536328f52f3cbed8607107d7afbc8881f0 (diff) |
Fix gcc 4.6 warnings. Check TLS server hello extension length.
Diffstat (limited to 'ssl/t1_lib.c')
-rw-r--r-- | ssl/t1_lib.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 8b53112770..d61c08c8ef 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -601,9 +601,9 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
 {
+ unsigned short length;
 unsigned short type;
 unsigned short size;
- unsigned short len;
 unsigned char *data = *p;
 int tlsext_servername = 0;
 int renegotiate_seen = 0;
@@ -611,7 +611,12 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 if (data >= (d+n-2))
 goto ri_check;
- n2s(data,len);
+ n2s(data,length);
+ if (data+length != d+n)
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
 while(data <= (d+n-4))
 {
|
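Review bot: The added check `if (data+length != d+n)` in the second hunk forms the pointer `data+length` before `length` has been validated; because `length` is read straight from the peer's message by `n2s`, that pointer can lie up to 65535 bytes past the end of the buffer, which is undefined behaviour in C even when it is only compared. Comparing sizes instead avoids this: `if (length != (d+n) - data)`. A short comment above it, for example `/* the extensions block must fill the rest of the ServerHello exactly */`, would record why a mismatch is a decode error. The context line `if (data >= (d+n-2)) goto ri_check;` still appears to skip one or two trailing bytes without parsing them or raising an alert, which may be worth tightening. The body of ssl_parse_serverhello_tlsext continues past the end of the hunk, so the per-extension `size` checks inside the loop cannot be reviewed from here.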