Fix issue #2718 (condition always false)

commit: 6527bd6dfcc6a08c4614d026a00df903a1f44dc9 [log] [tgz]
author: irwir <irwir@users.noreply.github.com> Sat Sep 21 18:51:25 2019 +0300
committer: irwir <irwir@users.noreply.github.com> Mon Nov 04 19:52:26 2019 +0300
tree: fb4df859a325f2bc02cca7dddf9427e5ab12e456
parent: c835672c51652586e815c8723335f17a2641eb9e [diff]
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 57e5d8a..78d1054 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -2339,7 +2339,7 @@
                                       unsigned char *end )
 {
     int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-    size_t  len;
+    uint16_t  len;
     ((void) ssl);
 
     /*
@@ -2356,7 +2356,7 @@
     len = (*p)[0] << 8 | (*p)[1];
     *p += 2;
 
-    if( end - (*p) < (int) len )
+    if( end - (*p) < len )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
                                     "(psk_identity_hint length)" ) );

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index b1da073..0c78ab4 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c

@@ -3810,7 +3810,7 @@
                                           const unsigned char *end )
 {
     int ret = 0;
-    size_t n;
+    uint16_t n;
 
     if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
     {
@@ -3830,7 +3830,7 @@
     n = ( (*p)[0] << 8 ) | (*p)[1];
     *p += 2;
 
-    if( n < 1 || n > 65535 || n > (size_t) ( end - *p ) )
+    if( n == 0 || n > end - *p )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
         return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
commit	6527bd6dfcc6a08c4614d026a00df903a1f44dc9	[log] [tgz]
author	irwir <irwir@users.noreply.github.com>	Sat Sep 21 18:51:25 2019 +0300
committer	irwir <irwir@users.noreply.github.com>	Mon Nov 04 19:52:26 2019 +0300
tree	fb4df859a325f2bc02cca7dddf9427e5ab12e456
parent	c835672c51652586e815c8723335f17a2641eb9e [diff]