From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 28 Aug 2020 06:54:49 +0000 (+0200)
Subject: tls-peer: Fix parsing of encrypted extensions
X-Git-Tag: 5.9.2rc1~23^2~84
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f0ed5f9125fbb8da4f6cd01ab7120ccb6328455c;p=thirdparty%2Fstrongswan.git

tls-peer: Fix parsing of encrypted extensions
---

diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c
index 6bec0219b5..a75a8f037e 100644
--- a/src/libtls/tls_peer.c
+++ b/src/libtls/tls_peer.c
@@ -289,7 +289,6 @@ static status_t process_server_hello(private_tls_peer_t *this,
 static status_t process_encrypted_extensions(private_tls_peer_t *this,
 											 bio_reader_t *reader)
 {
-	uint16_t length;
 	chunk_t ext = chunk_empty;
 	int offset = 0;
 	uint16_t extension_type, extension_length;
@@ -297,9 +296,7 @@ static status_t process_encrypted_extensions(private_tls_peer_t *this,
 	this->crypto->append_handshake(this->crypto,
 								   TLS_ENCRYPTED_EXTENSIONS, reader->peek(reader));
 
-
-	if (!reader->read_uint16(reader, &length) ||
-		(reader->remaining(reader) && !reader->read_data16(reader, &ext)))
+	if (!reader->read_data16(reader, &ext))
 	{
 		DBG1(DBG_TLS, "received invalid EncryptedExtensions");
 		this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);