mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-06 15:00:50 +02:00
F-4867: reject trailing bytes in TLS 1.3 EncryptedExtensions
DoTls13EncryptedExtensions only bounds-checked the extensions length against the message size, silently ignoring any trailing bytes. RFC 8446 Section 4.3.1 defines the message as solely the extensions block, so enforce length equality and return BUFFER_ERROR (decode_error) on a mismatch.
This commit is contained in:
+1
-1
@@ -6030,7 +6030,7 @@ static int DoTls13EncryptedExtensions(WOLFSSL* ssl, const byte* input,
|
||||
i += OPAQUE16_LEN;
|
||||
|
||||
/* Extension data. */
|
||||
if (i - begin + totalExtSz > totalSz)
|
||||
if (i - begin + totalExtSz != totalSz)
|
||||
return BUFFER_ERROR;
|
||||
if ((ret = TLSX_Parse(ssl, input + i, totalExtSz, encrypted_extensions,
|
||||
NULL))) {
|
||||
|
||||
Reference in New Issue
Block a user