https://codereview.appspot.com/269930043/diff/1/lib/ssl/ssl3ext.c File lib/ssl/ssl3ext.c (left): https://codereview.appspot.com/269930043/diff/1/lib/ssl/ssl3ext.c#oldcode455 lib/ssl/ssl3ext.c:455: if (!listCount) { In line 429, if listLenBytes == ...
8 years, 7 months ago
(2015-10-01 13:43:57 UTC)
#1
https://codereview.appspot.com/269930043/diff/1/lib/ssl/ssl3ext.c
File lib/ssl/ssl3ext.c (left):
https://codereview.appspot.com/269930043/diff/1/lib/ssl/ssl3ext.c#oldcode455
lib/ssl/ssl3ext.c:455: if (!listCount) {
In line 429, if listLenBytes == 0 we return SECSuccess, ignoring an empty
extension. However, here we would return SECFailure, indicating failure.
Looking at RFC6066, a properly formed extension must contain at least one
name:
struct {
ServerName server_name_list<1..2^16-1>
} ServerNameList;
This seems to imply that in line 430, we should be returning SECFailure and
arguably calling ssl3_DecodeError()
Issue 269930043: Bug 1210380 - Code can never be reached because of a logical contradiction in ssl3_HandleServerName…
(Closed)
Created 8 years, 7 months ago by ttaubert
Modified 8 years, 5 months ago
Reviewers: ekr, mt, ekr-rietveld
Base URL:
Comments: 2