Fix debug print of encrypted extensions

Perform debug print of encrypted extensions buffer only after the buffer length was checked successfully

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
This commit is contained in:
Jan Bruckner 2023-02-23 12:08:09 +01:00
parent 2ba9794adc
commit 5a3629b613

View file

@ -2117,10 +2117,11 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl,
extensions_len = MBEDTLS_GET_UINT16_BE(p, 0);
p += 2;
MBEDTLS_SSL_DEBUG_BUF(3, "encrypted extensions", p, extensions_len);
MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, extensions_len);
extensions_end = p + extensions_len;
MBEDTLS_SSL_DEBUG_BUF(3, "encrypted extensions", p, extensions_len);
handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
while (p < extensions_end) {