From 110f5cb4427de0471b4bccaca29a29823aa6fa8e Mon Sep 17 00:00:00 2001 From: Andrew Hutchings Date: Thu, 26 Feb 2026 14:09:01 +0000 Subject: [PATCH] Fix ECH error code: use BUFFER_ERROR for malformed peer input Change innerClientHelloLen underflow guard in TLSX_ECH_Parse from BAD_FUNC_ARG to BUFFER_ERROR to match the convention used throughout tls.c for wire-protocol length/bounds validation. --- src/tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tls.c b/src/tls.c index a4f83e0867..d0f7c9ea2a 100644 --- a/src/tls.c +++ b/src/tls.c @@ -13606,7 +13606,7 @@ static int TLSX_ECH_Parse(WOLFSSL* ssl, const byte* readBuf, word16 size, /* read hello inner len */ ato16(readBuf_p, &ech->innerClientHelloLen); if (ech->innerClientHelloLen < WC_AES_BLOCK_SIZE) { - return BAD_FUNC_ARG; + return BUFFER_ERROR; } ech->innerClientHelloLen -= WC_AES_BLOCK_SIZE; readBuf_p += 2;