🐞 fix(parse_server_name_extension): 增加sni长度判断，同时解析结果异常时，增加释放已申请sni内存的操作

2023-07-31 00:49:31 +08:00
parent 8b105dca38
commit ca6f5be568
1 changed files with 6 additions and 1 deletions
--- a/src/tsg_ssl_utils.cpp
+++ b/src/tsg_ssl_utils.cpp
@@ -179,7 +179,7 @@ static char*  parse_server_name_extension(const unsigned char* buff, size_t buff
 	while (pos + 3 < buff_len)
 	{
 		size_t len = ((size_t)buff[pos + 1] << 8) + (size_t)buff[pos + 2];
-		if (pos + 3 + len > buff_len)
+		if (len == 0 || pos + 3 + len > buff_len)
 		{
 			*result = CHELLO_PARSE_INVALID_FORMAT;
 			return NULL;
@@ -198,6 +198,11 @@ static char*  parse_server_name_extension(const unsigned char* buff, size_t buff
    }
    if (pos != buff_len)
 	{
+		if(sni!=NULL)
+		{
+			free(sni);
+			sni = NULL;
+		}
 		*result = CHELLO_PARSE_INVALID_FORMAT;
 	}
 	return sni;