Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 13:55:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix #2502

Browse Source 
This commit fixes #2502 in the 3.2 branch by checking that the key_share extension is at least 4 bytes long (8 in ASCII-HEX). These 4 bytes encode the group value (2 bytes) and the length of the key (2 bytes).
This commit is contained in:
David Cooper
2024-06-13 05:53:50 -07:00
committed by GitHub
parent c2a322419c
commit c72f4061b4
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
testssl.sh
View File

@@ -14455,7 +14455,7 @@ parse_tls_serverhello() {
tls_extensions+=" (id=51), len=$extension_len\n" tls_extensions+=" (id=51), len=$extension_len\n"
fi fi
if [[ "$process_full" =~ all ]] || [[ "$process_full" == ephemeralkey ]]; then if [[ "$process_full" =~ all ]] || [[ "$process_full" == ephemeralkey ]]; then
if [[ $extension_len -lt 4 ]]; then if [[ $extension_len -lt 8 ]]; then
debugme tmln_warning "Malformed key share extension." debugme tmln_warning "Malformed key share extension."
[[ $DEBUG -ge 1 ]] && tmpfile_handle ${FUNCNAME[0]}.txt [[ $DEBUG -ge 1 ]] && tmpfile_handle ${FUNCNAME[0]}.txt
return 1 return 1