diff options
author | Matt Caswell <matt@openssl.org> | 2017-09-04 08:44:02 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-09-04 15:15:30 +0100 |
commit | 3d85c7f408e54e1a0b367901534139ba5f1cad07 (patch) | |
tree | 848ec43e09fc0ff794a4d2b833c484659deb1ee5 /ssl | |
parent | 45fd6a59facab8b8aa088f9f492f10aa5d2581c2 (diff) | |
download | openssl-3d85c7f408e54e1a0b367901534139ba5f1cad07.zip openssl-3d85c7f408e54e1a0b367901534139ba5f1cad07.tar.gz openssl-3d85c7f408e54e1a0b367901534139ba5f1cad07.tar.bz2 |
Don't attempt to add a zero length padding extension
The padding extension should always be at least 1 byte long
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4331)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/extensions_clnt.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 2c72dea..bffe7ac 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -843,7 +843,7 @@ EXT_RETURN tls_construct_ctos_padding(SSL *s, WPACKET *pkt, * 1 byte long so as not to have an empty extension last (WebSphere 7.x, * 8.x are intolerant of that condition) */ - if (hlen >= 4) + if (hlen > 4) hlen -= 4; else hlen = 1; |