summaryrefslogtreecommitdiff
path: root/src/lib/libssl/t1_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/t1_lib.c')
-rw-r--r--src/lib/libssl/t1_lib.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 833fc172de..0baa70663a 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -917,6 +917,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
917 } 917 }
918 n2s(data, idsize); 918 n2s(data, idsize);
919 dsize -= 2 + idsize; 919 dsize -= 2 + idsize;
920 size -= 2 + idsize;
920 if (dsize < 0) 921 if (dsize < 0)
921 { 922 {
922 *al = SSL_AD_DECODE_ERROR; 923 *al = SSL_AD_DECODE_ERROR;
@@ -955,9 +956,14 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
955 } 956 }
956 957
957 /* Read in request_extensions */ 958 /* Read in request_extensions */
959 if (size < 2)
960 {
961 *al = SSL_AD_DECODE_ERROR;
962 return 0;
963 }
958 n2s(data,dsize); 964 n2s(data,dsize);
959 size -= 2; 965 size -= 2;
960 if (dsize > size) 966 if (dsize != size)
961 { 967 {
962 *al = SSL_AD_DECODE_ERROR; 968 *al = SSL_AD_DECODE_ERROR;
963 return 0; 969 return 0;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-27 17:58:11 +0000