shuffle_exts: avoid theoretical wrap around of unsigned integer

Signed-off-by: Daiki Ueno <ueno@gnu.org>

diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index cb407e6eb620b068c3c1444820088fe1d2b13d54..ec685acd1ae2e9b9053ce618e561bafb2f706614 100644 (file)
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -428,7 +428,7 @@ verify(GNUTLS_EXTENSION_MAX < MAX_EXT_TYPES);
  */
 verify(GNUTLS_EXTENSION_MAX_VALUE - GNUTLS_EXTENSION_MAX >= 16);
 
-/* MAX_EXT_TYPES + 1 must fit in a single byte, to generate random
+/* MAX_EXT_TYPES must fit in a single byte, to generate random
  * permutation at once.
  */
 verify(MAX_EXT_TYPES <= UINT8_MAX);

diff --git a/lib/hello_ext.c b/lib/hello_ext.c
index c941fb77827a9b61cb8c953f67321a097ecf5037..40af8c2b102e58e46b2ccdfba6c39a3cdd13d0ca 100644 (file)
--- a/lib/hello_ext.c
+++ b/lib/hello_ext.c
@@ -413,7 +413,10 @@ static int shuffle_exts(extensions_t *exts, size_t size)
 
        assert(size <= MAX_EXT_TYPES);
 
-       /* Generate random permutation, assuming MAX_EXT_TYPES <
+       if (unlikely(size == 0))
+               return 0;
+
+       /* Generate random permutation, assuming MAX_EXT_TYPES <=
         * UINT8_MAX.
         */
        ret = gnutls_rnd(GNUTLS_RND_RANDOM, permutation, size);