From: Adam Langley <agl@google.com>
Date: Fri, 12 Jun 2015 07:05:49 +0000 (+0100)
Subject: Allow a zero length extension block
X-Git-Tag: OpenSSL_1_0_2c~2
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=fe64245aa1b1f5519ddfe11e3c9d7ad49ae4de95;p=oweals%2Fopenssl.git

Allow a zero length extension block

It is valid for an extension block to be present in a ClientHello, but to
be of zero length.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
---

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index d811d3fdb8..210a5e8743 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2016,12 +2016,12 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
 
     s->srtp_profile = NULL;
 
-    if (data >= (d + n - 2)) {
-        if (data != d + n)
-            goto err;
-        else
-            goto ri_check;
-    }
+    if (data == d + n)
+        goto ri_check;
+
+    if (data > (d + n - 2))
+        goto err;
+
     n2s(data, len);
 
     if (data > (d + n - len))