From a5842ac20eab3260cbdc99df182e87b172b63fa9 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 19 Jun 2024 15:09:48 +0100 Subject: [PATCH] Improve handling of legacy_compression_methods in ssl_tls13_parse_client_hello() Signed-off-by: Waleed Elmelegy --- library/ssl_tls13_server.c | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index ca3ea53857..ae690e538e 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1265,8 +1265,6 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, mbedtls_ssl_handshake_params *handshake = ssl->handshake; int hrr_required = 0; int no_usable_share_for_key_agreement = 0; - unsigned char legacy_compression_methods_len; - unsigned char legacy_compression_methods; #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) int got_psk = 0; @@ -1364,19 +1362,17 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, p += cipher_suites_len; cipher_suites_end = p; - legacy_compression_methods_len = *p; - legacy_compression_methods = *(p+1); - - if (legacy_compression_methods_len != 1 || legacy_compression_methods != 0) { - return SSL_CLIENT_HELLO_TLS1_2; - } + /* Check if we have enough data to for legacy_compression_methods + * and a length byte. + */ + MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 1 + p[0]); /* * Search for the supported versions extension and parse it to determine * if the client supports TLS 1.3. */ ret = mbedtls_ssl_tls13_is_supported_versions_ext_present_in_exts( - ssl, p + 2, end, + ssl, p + 1 + p[0], end, &supported_versions_data, &supported_versions_data_end); if (ret < 0) { MBEDTLS_SSL_DEBUG_RET(1,