archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 23:34:52 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8264948: Check for TLS extensions total length

Browse source 
Reviewed-by: jnimeh
This commit is contained in:
Xue-Lei Andrew Fan 2021-04-10 03:48:45 +00:00
parent 42f4d70627
commit 5784f6b7f7
1 changed files with 13 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/java.base/share/classes/sun/security/ssl/SSLExtensions.java
View file

@ -54,14 +54,26 @@ final class SSLExtensions {
ByteBuffer m, SSLExtension[] extensions) throws IOException {
this.handshakeMessage = hm;
if (m.remaining() < 2) {
throw hm.handshakeContext.conContext.fatal(
Alert.DECODE_ERROR,
"Incorrect extensions: no length field");
}
int len = Record.getInt16(m);
if (len > m.remaining()) {
throw hm.handshakeContext.conContext.fatal(
Alert.DECODE_ERROR,
"Insufficient extensions data");
}
encodedLength = len + 2; // 2: the length of the extensions.
while (len > 0) {
int extId = Record.getInt16(m);
int extLen = Record.getInt16(m);
if (extLen > m.remaining()) {
throw hm.handshakeContext.conContext.fatal(
Alert.ILLEGAL_PARAMETER,
Alert.DECODE_ERROR,
"Error parsing extension (" + extId +
"): no sufficient data");
}