aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tls: fix off by one in supported versions extension

Browse Source 
Ticket: #5663
pull/8185/head
Philippe Antoine 2 years ago committed by Victor Julien
parent a4239d433a
commit b5147189ae
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
src/app-layer-ssl.c
Unescape Escape View File

@ -1025,7 +1025,7 @@ static inline int TLSDecodeHSHelloExtensionSupportedVersions(SSLState *ssl_state
/* Use the first (and prefered) valid version as client version,
* skip over GREASE and other possible noise. */
uint16_t i = 0;
while (i < (uint16_t)supported_ver_len) {
while (i + 1 < (uint16_t)supported_ver_len) {
uint16_t ver = (uint16_t)(input[i] << 8) | input[i + 1];
if (TLSVersionValid(ver)) {
ssl_state->curr_connp->version = ver;

Write Preview
Loading…
Cancel
Save