Fix ssl/t1_trce.c to parse certificate chains

Fixes #6994 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Yang <yang.yang@baishancloud.com> (Merged from https://github.com/openssl/openssl/pull/7009)
author: Erik Forsberg <erik@efca.com> 2018-08-19 20:24:44 +0300
committer: Paul Yang <yang.yang@baishancloud.com> 2018-09-01 03:58:42 +0300
commit: d6c46adf180aa3e29d5dac075fb673bbc273ae08 (patch)
tree: e72e33c7761124545658479cfb0d2d413b0eff80 /ssl
parent: 322755cc2a91d08b66826b38a7b8c20f68cd8890 (diff)
1 files changed, 17 insertions, 10 deletions
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index b79c776f2d..be3039af38 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -885,28 +885,35 @@ static int ssl_print_extensions(BIO *bio, int indent, int server,
 
     BIO_indent(bio, indent, 80);
     if (msglen == 0) {
-        BIO_puts(bio, "No Extensions\n");
+        BIO_puts(bio, "No extensions\n");
         return 1;
     }
     if (msglen < 2)
         return 0;
     extslen = (msg[0] << 8) | msg[1];
-    if (extslen != msglen - 2)
-        return 0;
+    msglen -= 2;
     msg += 2;
-    msglen = extslen;
-    BIO_printf(bio, "extensions, length = %d\n", (int)msglen);
-    while (msglen > 0) {
+    if (extslen == 0) {
+        BIO_puts(bio, "No extensions\n");
+        *msgin = msg;
+        *msginlen = msglen;
+        return 1;
+    }
+    if (extslen > msglen)
+        return 0;
+    BIO_printf(bio, "extensions, length = %d\n", (int)extslen);
+    msglen -= extslen;
+    while (extslen > 0) {
         int extype;
         size_t extlen;
-        if (msglen < 4)
+        if (extslen < 4)
             return 0;
         extype = (msg[0] << 8) | msg[1];
         extlen = (msg[2] << 8) | msg[3];
-        if (msglen < extlen + 4) {
+        if (extslen < extlen + 4) {
             BIO_printf(bio, "extensions, extype = %d, extlen = %d\n", extype,
                        (int)extlen);
-            BIO_dump_indent(bio, (const char *)msg, msglen, indent + 2);
+            BIO_dump_indent(bio, (const char *)msg, extslen, indent + 2);
             return 0;
         }
         msg += 4;
@@ -914,7 +921,7 @@ static int ssl_print_extensions(BIO *bio, int indent, int server,
                                  extlen))
             return 0;
         msg += extlen;
-        msglen -= extlen + 4;
+        extslen -= extlen + 4;
     }
 
     *msgin = msg;
author	Erik Forsberg <erik@efca.com>	2018-08-19 20:24:44 +0300
committer	Paul Yang <yang.yang@baishancloud.com>	2018-09-01 03:58:42 +0300
commit	d6c46adf180aa3e29d5dac075fb673bbc273ae08 (patch)
tree	e72e33c7761124545658479cfb0d2d413b0eff80 /ssl
parent	322755cc2a91d08b66826b38a7b8c20f68cd8890 (diff)