projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 90e7cdf)
Don't check for a negative SRP extension size
authorMatt Caswell <matt@openssl.org>
Mon, 25 May 2015 23:05:28 +0000 (00:05 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 26 May 2015 09:35:29 +0000 (10:35 +0100)
The size of the SRP extension can never be negative (the variable
|size| is unsigned). Therefore don't check if it is less than zero.

RT#3862

Reviewed-by: Richard Levitte <levitte@openssl.org>
ssl/t1_lib.c patch | blob | history

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ce010ca4ed0b75aeb356c7b55c4b1877d514fd11..a161dcc5f4330c342788d037cfe7d907b06164ad 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2047,7 +2047,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
         }
 #ifndef OPENSSL_NO_SRP
         else if (type == TLSEXT_TYPE_srp) {
-            if (size <= 0 || ((len = data[0])) != (size - 1)) {
+            if (size == 0 || ((len = data[0])) != (size - 1)) {
                 *al = SSL_AD_DECODE_ERROR;
                 return 0;
             }
Unnamed repository; edit this file 'description' to name the repository.