From 8a8a83b4a240bb2f13455402df1504ff2930c750 Mon Sep 17 00:00:00 2001
From: Glenn Strauss <gstrauss@gluelogic.com>
Date: Tue, 2 Feb 2021 02:21:23 -0500
Subject: [PATCH] remove ssl_parse_client_hello redundant conditions

ext_len is unsigned and the loop over the extensions checks
        while( ext_len != 0 )
        {
            if ( ext_len < 4 ) {
so additional checks are redundant.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
---
 library/ssl_srv.c | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index e33b828ad..dc2584462 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1887,8 +1887,7 @@ read_record_header:
             ext_len = ( buf[ext_offset + 0] << 8 )
                     | ( buf[ext_offset + 1]      );
 
-            if( ( ext_len > 0 && ext_len < 4 ) ||
-                msg_len != ext_offset + 2 + ext_len )
+            if( msg_len != ext_offset + 2 + ext_len )
             {
                 MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
                 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
@@ -2079,14 +2078,6 @@ read_record_header:
 
             ext_len -= 4 + ext_size;
             ext += 4 + ext_size;
-
-            if( ext_len > 0 && ext_len < 4 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
         }
 #if defined(MBEDTLS_SSL_PROTO_SSL3)
     }