diff options
| author | Adam Langley <agl@google.com> | 2015-06-12 08:05:49 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-06-12 15:40:33 +0100 |
| commit | 1ae3fdbe6a7e78eef4d7678cb08ff468481c24ad (patch) | |
| tree | bb631c83827a84d92c419bda4949d7cb2b8920f5 /ssl | |
| parent | 4b464e7b46682f568a5df550426b0cf4b22e2485 (diff) | |
Allow a zero length extension block
It is valid for an extension block to be present in a ClientHello, but to
be of zero length.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/t1_lib.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index f0565a2291..402047a237 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1940,12 +1940,12 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, s->srtp_profile = NULL; - if (data >= (d + n - 2)) { - if (data != d + n) - goto err; - else - goto ri_check; - } + if (data == d + n) + goto ri_check; + + if (data > (d + n - 2)) + goto err; + n2s(data, len); if (data > (d + n - len)) |