crypto/tls: fix decoding of certLen in certificateMsg.unmarshal
certLen was decoded incorrectly if length > 2^16-1. R=golang-dev, agl CC=golang-dev https://golang.org/cl/6197077
This commit is contained in:
parent
30b2db1e5f
commit
615733d170
@ -563,7 +563,7 @@ func (m *certificateMsg) unmarshal(data []byte) bool {
|
|||||||
if len(d) < 4 {
|
if len(d) < 4 {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
certLen := uint32(d[0])<<24 | uint32(d[1])<<8 | uint32(d[2])
|
certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2])
|
||||||
if uint32(len(d)) < 3+certLen {
|
if uint32(len(d)) < 3+certLen {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
@ -575,7 +575,7 @@ func (m *certificateMsg) unmarshal(data []byte) bool {
|
|||||||
m.certificates = make([][]byte, numCerts)
|
m.certificates = make([][]byte, numCerts)
|
||||||
d = data[7:]
|
d = data[7:]
|
||||||
for i := 0; i < numCerts; i++ {
|
for i := 0; i < numCerts; i++ {
|
||||||
certLen := uint32(d[0])<<24 | uint32(d[1])<<8 | uint32(d[2])
|
certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2])
|
||||||
m.certificates[i] = d[3 : 3+certLen]
|
m.certificates[i] = d[3 : 3+certLen]
|
||||||
d = d[3+certLen:]
|
d = d[3+certLen:]
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user