Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
LengthPrefixedBuffer: use maximal dummy length
This is just for extreme paranoia and isn't fixing an extant issue. It is safer to have a length prefix that is too large, so that an accidental read of the buffer prior to the length being fixed cannot be interpreted as an empty structure followed by something else. eg, a `ClientExtension` (type 0x12 0x23) in this situation with body [0xff, 0x01, 0x00, 0x00] with a zero dummy length would end up encoded as: 0x12 0x23 0x00 0x00 0xff 0x01 0x00 0x00 Which decodes as two extensions (one empty, one RenegotiationInfo). That would be bad. Using maximal lengths: 0x12 0x23 0xff 0xff 0xff 0x01 0x00 0x00 This cannot be decoded, and prevents the body from being interpreted as something else.
- Loading branch information