Allow a zero length extension block

It is valid for an extension block to be present in a ClientHello, but to be of zero length. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
2015-06-12 08:05:49 +01:00 · 2015-06-12 08:05:49 +01:00 · 6cbc78906b
commit 6cbc78906b
parent fffcf87a55
1 changed files with 6 additions and 6 deletions
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -1016,12 +1016,12 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,

    s->srtp_profile = NULL;

-    if (data >= (d + n - 2)) {
-        if (data != d + n)
-            goto err;
-        else
+    if (data == d + n)
        goto ri_check;
-    }
+
+    if (data > (d + n - 2))
+        goto err;
+
    n2s(data, len);

    if (data > (d + n - len))