dtls.c: Sanity check on CipherSuites length

This change fixes a possible integer underflow when iterating through the CipherSuites indicated in the ClientHello message. Fixes https://bugs.eclipse.org/bugs/show_bug.cgi?id=534333 Fixes https://bugs.eclipse.org/bugs/show_bug.cgi?id=544824 Change-Id: Ic14780eb11a24c01d30889e7bb74f2e877bb7faa
eclipse · Jul 25, 2019 · 494a40d · 494a40d
1 parent 68a1cda
commit 494a40d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/dtls.c b/dtls.c
@@ -1075,7 +1075,7 @@ dtls_update_parameters(dtls_context_t *ctx,
   data_length -= sizeof(uint16) + i;
 
   ok = 0;
-  while (i && !ok) {
+  while ((i >= (int)sizeof(uint16)) && !ok) {
     config->cipher = dtls_uint16_to_int(data);
     ok = known_cipher(ctx, config->cipher, 0);
     i -= sizeof(uint16);