From 1ee15908686835b1594614c7cd78cd9a63ab4c78 Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Fri, 21 Feb 2020 20:07:19 +0100
Subject: [PATCH] ssl: don't say we consumed bytes if we didn't consume them

---
 src/app-layer-ssl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index d8a2638fa2..b6e5a7dcaa 100644
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -509,6 +509,7 @@ static inline int TlsDecodeHSCertificateAddCertToChain(SSLState *ssl_state,
     return 0;
 }
 
+/** \retval consumed bytes consumed or -1 on error */
 static int TlsDecodeHSCertificate(SSLState *ssl_state,
                                   const uint8_t * const initial_input,
                                   const uint32_t input_len)
@@ -518,7 +519,7 @@ static int TlsDecodeHSCertificate(SSLState *ssl_state,
     Asn1Generic *cert = NULL;
 
     if (!(HAS_SPACE(3)))
-        return 1;
+        return 0;
 
     uint32_t cert_chain_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
     input += 3;
-- 
2.47.2