shithub: tlssrv.sni

Download patch

ref: f117ba2e67d7c8e20ea5794ce6a592cd45bf73da
parent: 3654e2a6c2ce647628929b994e68185a56f7d7df
author: Igor Böhm <igor@9lab.org>
date: Tue Sep 27 19:58:16 EDT 2022 

sni: increment pointer *after* host_name check


--- a/tlshand.c
+++ b/tlshand.c
@@ -665,9 +665,9 @@
 			if(n < 4 || get16(p) != (n -= 2))
 				goto Short;
 			p += 2;
-			if(*p++ != 0)			/* Server Name Type: host_name */
+			if(*p != 0)				/* Server Name Type: host_name */
 				break;
-			p += 2;
+			p += 1+2;
 			if(e-p < (n = get16(p-2)))
 				goto Short;
 			if(n > 255)				/* DNS name can not exceed 255 bytes RFC1035 */