kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check for trailing data in key_share extension.

Browse Source 
Change-Id: I057e19a9547a14b3950395db4318eaf0da01ec13
Reviewed-on: https://boringssl-review.googlesource.com/9079
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2016-08-02 16:52:57 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent ce079fda12
commit a70de147ff
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ssl/t1_lib.c
View File

@ -2037,7 +2037,8 @@ int ext_key_share_parse_serverhello(SSL *ssl, uint8_t **out_secret,
CBS peer_key;
uint16_t group;
if (!CBS_get_u16(contents, &group) ||
!CBS_get_u16_length_prefixed(contents, &peer_key)) {
!CBS_get_u16_length_prefixed(contents, &peer_key) ||
CBS_len(contents) != 0) {
*out_alert = SSL_AD_DECODE_ERROR;
return 0;
}
@ -2073,7 +2074,8 @@ int ext_key_share_parse_clienthello(SSL *ssl, int *out_found,
uint16_t group_id;
CBS key_shares;
if (!tls1_get_shared_group(ssl, &group_id) ||
!CBS_get_u16_length_prefixed(contents, &key_shares)) {
!CBS_get_u16_length_prefixed(contents, &key_shares) ||
CBS_len(contents) != 0) {
return 0;
}