aboutsummaryrefslogtreecommitdiffstats
path: root/src/ssl/hello.cpp
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-03-30 17:37:02 +0000
committerlloyd <[email protected]>2010-03-30 17:37:02 +0000
commit4926c94a69c93379e5fccad595f158b73933c5d4 (patch)
treeb7b45666a8f4432a1cebc92b4a9b684870020030 /src/ssl/hello.cpp
parent23af33bedd546c24d17941a51912cfeac0150491 (diff)
Instead of just discarding the extension size, confirm that the
claimed length matches the length of the data left in the client hello packet.
Diffstat (limited to 'src/ssl/hello.cpp')
-rw-r--r--src/ssl/hello.cpp5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/ssl/hello.cpp b/src/ssl/hello.cpp
index 5c3b561ec..a23d51c24 100644
--- a/src/ssl/hello.cpp
+++ b/src/ssl/hello.cpp
@@ -130,7 +130,10 @@ void Client_Hello::deserialize(const MemoryRegion<byte>& buf)
if(reader.has_remaining())
{
- reader.discard_next(2); // the extension size; we just read to end
+ const u16bit all_extn_size = reader.get_u16bit();
+
+ if(reader.remaining_bytes() != all_extn_size)
+ throw Decoding_Error("Client_Hello: Bad extension size");
while(reader.has_remaining())
{