From: Alexander Sosedkin <asosedkin@redhat.com>
Date: Thu, 3 Nov 2022 18:24:15 +0000 (+0100)
Subject: Fix CertificateCompressionAlgorithm to be read as 2-octet-wide
X-Git-Tag: openssl-3.2.0-alpha1~1776
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ce74e3fb50e1756b14e394acf9dff7362099bb66;p=thirdparty%2Fopenssl.git

Fix CertificateCompressionAlgorithm to be read as 2-octet-wide

CLA: trivial

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19600)
---

diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 601682152a5..d1647194767 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -1860,7 +1860,7 @@ int tls_parse_compress_certificate(SSL_CONNECTION *sc, PACKET *pkt, unsigned int
      * The array is 0 (i.e. "none") terminated
      * The preference list only contains supported algorithms
      */
-    while (PACKET_get_1(&supported_comp_algs, &comp)) {
+    while (PACKET_get_net_2(&supported_comp_algs, &comp)) {
         if (tls_comp_in_pref(sc, comp) && !already_set[comp]) {
             sc->ext.compress_certificate_from_peer[j++] = comp;
             already_set[comp] = 1;