From c4604e9b97a4f6c4fd532dbab0fc4b1fdad81276 Mon Sep 17 00:00:00 2001 From: Benjamin Kaduk Date: Fri, 1 Sep 2017 12:37:05 -0500 Subject: [PATCH] Fix long SNI lengths in test/handshake_helper.c If the server_name extension is long enough to require two bytes to hold the length of either field, the test suite would not decode the length properly. Using the PACKET_ APIs would have avoided this, but it was desired to avoid using private APIs in this part of the test suite, to keep ourselves honest. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/4318) --- test/handshake_helper.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/handshake_helper.c b/test/handshake_helper.c index 4ec3867fe3..dc020d9027 100644 --- a/test/handshake_helper.c +++ b/test/handshake_helper.c @@ -153,7 +153,7 @@ static int early_select_server_ctx(SSL *s, void *arg, int ignore) remaining <= 2) return 0; /* Extract the length of the supplied list of names. */ - len = (*(p++) << 1); + len = (*(p++) << 8); len += *(p++); if (len + 2 != remaining) return 0; @@ -168,7 +168,7 @@ static int early_select_server_ctx(SSL *s, void *arg, int ignore) /* Now we can finally pull out the byte array with the actual hostname. */ if (remaining <= 2) return 0; - len = (*(p++) << 1); + len = (*(p++) << 8); len += *(p++); if (len + 2 > remaining) return 0; -- 2.25.1