Allow a zero length extension block It is valid for an extension block to be present in a ClientHello, but to be of zero length. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>

commit: 1ae3fdbe6a7e78eef4d7678cb08ff468481c24ad [log] [tgz]
author: Adam Langley <agl@google.com> Fri Jun 12 08:05:49 2015 +0100
committer: Matt Caswell <matt@openssl.org> Fri Jun 12 15:40:33 2015 +0100
tree: bb631c83827a84d92c419bda4949d7cb2b8920f5
parent: 4b464e7b46682f568a5df550426b0cf4b22e2485 [diff] [blame]
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index f0565a2..402047a 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -1940,12 +1940,12 @@
 
     s->srtp_profile = NULL;
 
-    if (data >= (d + n - 2)) {
-        if (data != d + n)
-            goto err;
-        else
-            goto ri_check;
-    }
+    if (data == d + n)
+        goto ri_check;
+
+    if (data > (d + n - 2))
+        goto err;
+
     n2s(data, len);
 
     if (data > (d + n - len))
commit	1ae3fdbe6a7e78eef4d7678cb08ff468481c24ad	[log] [tgz]
author	Adam Langley <agl@google.com>	Fri Jun 12 08:05:49 2015 +0100
committer	Matt Caswell <matt@openssl.org>	Fri Jun 12 15:40:33 2015 +0100
tree	bb631c83827a84d92c419bda4949d7cb2b8920f5
parent	4b464e7b46682f568a5df550426b0cf4b22e2485 [diff] [blame]