Ensure we fail with a decode error alert if the server sends and empty Cert

Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3436)
author: Matt Caswell <matt@openssl.org> 2017-05-11 08:38:21 +0100
committer: Matt Caswell <matt@openssl.org> 2017-05-11 13:13:04 +0100
commit: 1a281aab730fc089291b774b05441c737f0d1d3d (patch)
tree: 5735e34965c085a140980dfb539cf665d1c73766 /ssl
parent: f69fe73a2ae94c7f8d0812715e29f79d40db1723 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index c1fec589ea..73dcff606e 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -1688,7 +1688,8 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
     if ((SSL_IS_TLS13(s) && !PACKET_get_1(pkt, &context))
             || context != 0
             || !PACKET_get_net_3(pkt, &cert_list_len)
-            || PACKET_remaining(pkt) != cert_list_len) {
+            || PACKET_remaining(pkt) != cert_list_len
+            || PACKET_remaining(pkt) == 0) {
         al = SSL_AD_DECODE_ERROR;
         SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, SSL_R_LENGTH_MISMATCH);
         goto f_err;
author	Matt Caswell <matt@openssl.org>	2017-05-11 08:38:21 +0100
committer	Matt Caswell <matt@openssl.org>	2017-05-11 13:13:04 +0100
commit	1a281aab730fc089291b774b05441c737f0d1d3d (patch)
tree	5735e34965c085a140980dfb539cf665d1c73766 /ssl
parent	f69fe73a2ae94c7f8d0812715e29f79d40db1723 (diff)