Loading src/crypto/tls.cpp +9 −6 Original line number Diff line number Diff line Loading @@ -539,7 +539,8 @@ namespace netplus { const uint8_t* p = sh.data(); size_t n = sh.size(); if (n < 4 + 2 + 32 + 1 + 2 + 1 + 2) { // minimum: handshake hdr(4) + version(2) + random(32) + sid_len(1) + cipher(2) + compression(1) if (n < 4 + 2 + 32 + 1 + 2 + 1) { NetException e; e[NetException::Error] << "ServerHello too short"; throw e; Loading @@ -558,7 +559,7 @@ namespace netplus { // session id uint8_t sid_len = p[off++]; if (off + sid_len > n) { if (off + sid_len + 3 > n) { // +3 for cipher(2)+compression(1) NetException e; e[NetException::Error] << "ServerHello SID overflow"; throw e; Loading @@ -577,7 +578,11 @@ namespace netplus { throw e; } // extensions length bool tls13 = false; bool got_key_share = false; // extensions (optional in TLS 1.2 — legacy servers may omit entirely) if (off + 2 <= n) { uint16_t ext_len = (uint16_t(p[off]) << 8) | p[off+1]; off += 2; Loading @@ -587,9 +592,6 @@ namespace netplus { throw e; } bool tls13 = false; bool got_key_share = false; // parse extensions size_t eoff = off; size_t eend = off + ext_len; Loading Loading @@ -704,6 +706,7 @@ namespace netplus { eoff += el; } } // end if (off + 2 <= n) — extensions optional in TLS 1.2 if (tls13) { if (chosenSuite != 0x1301 && chosenSuite != 0x1302) { Loading Loading
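Review bot: The new `if (off + 2 <= n)` guard in the extensions hunk treats any remainder shorter than two bytes as "no extensions", so a ServerHello that ends one stray byte past the point `off` has reached (`off + 1 == n`) is accepted silently instead of being rejected as malformed. Only `off == n` should mean the extensions block is absent; I would add `if (off != n && n - off < 2) { NetException e; e[NetException::Error] << "ServerHello truncated extensions"; throw e; }` ahead of the guard. With extensions absent, `tls13` and `got_key_share` stay false and the code continues on the TLS 1.2 path. The hunks do not show whether the downgrade sentinel in the last eight bytes of the server random is checked when this client offered TLS 1.3, so that is worth confirming before accepting extension-less hellos. The session-id hunk bounds `sid_len` only against `n` and not against the 32-byte protocol maximum, and the enclosing function starts and ends outside the visible hunks, so both points may already be handled there.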
src/crypto/tls.cpp +9 −6 Original line number Diff line number Diff line Loading @@ -539,7 +539,8 @@ namespace netplus { const uint8_t* p = sh.data(); size_t n = sh.size(); if (n < 4 + 2 + 32 + 1 + 2 + 1 + 2) { // minimum: handshake hdr(4) + version(2) + random(32) + sid_len(1) + cipher(2) + compression(1) if (n < 4 + 2 + 32 + 1 + 2 + 1) { NetException e; e[NetException::Error] << "ServerHello too short"; throw e; Loading @@ -558,7 +559,7 @@ namespace netplus { // session id uint8_t sid_len = p[off++]; if (off + sid_len > n) { if (off + sid_len + 3 > n) { // +3 for cipher(2)+compression(1) NetException e; e[NetException::Error] << "ServerHello SID overflow"; throw e; Loading @@ -577,7 +578,11 @@ namespace netplus { throw e; } // extensions length bool tls13 = false; bool got_key_share = false; // extensions (optional in TLS 1.2 — legacy servers may omit entirely) if (off + 2 <= n) { uint16_t ext_len = (uint16_t(p[off]) << 8) | p[off+1]; off += 2; Loading @@ -587,9 +592,6 @@ namespace netplus { throw e; } bool tls13 = false; bool got_key_share = false; // parse extensions size_t eoff = off; size_t eend = off + ext_len; Loading Loading @@ -704,6 +706,7 @@ namespace netplus { eoff += el; } } // end if (off + 2 <= n) — extensions optional in TLS 1.2 if (tls13) { if (chosenSuite != 0x1301 && chosenSuite != 0x1302) { Loading