commit cbe14ec96755121037c48c39d0bbe3e347ac63ab
author Andrzej Kurek <andrzej.kurek@arm.com> Wed Jun 15 07:17:28 2022 -0400
committer Andrzej Kurek <andrzej.kurek@arm.com> Wed Jun 15 07:17:28 2022 -0400
tree 73d8d963eeaaf5fa7bb8312d65fbbedeb17b354f
parent 96d5439da5dc69419604a44a021bb77f55c3820e

Improve variable extracting operations by using MBEDTLS_GET macros
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

library/ssl_msg.c

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 681e431..5aa098e 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -3156,7 +3156,7 @@
                            const unsigned char *in, size_t in_len,
                            unsigned char *obuf, size_t buf_len, size_t *olen )
 {
-    size_t sid_len, cookie_len;
+    size_t sid_len, cookie_len, epoch, fragment_offset;
     unsigned char *p;
 
     /*
@@ -3193,15 +3193,17 @@
         MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: record too short" ) );
         return( MBEDTLS_ERR_SSL_DECODE_ERROR );
     }
-    if( in[0] != MBEDTLS_SSL_MSG_HANDSHAKE ||
-        in[3] != 0 || in[4] != 0 ||
-        in[19] != 0 || in[20] != 0 || in[21] != 0 )
+
+    epoch = MBEDTLS_GET_UINT16_BE( in, 3 );
+    fragment_offset = MBEDTLS_GET_UINT24_BE( in, 19 );
+
+    if( in[0] != MBEDTLS_SSL_MSG_HANDSHAKE || epoch != 0 ||
+        fragment_offset != 0 )
     {
         MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: not a good ClientHello" ) );
         MBEDTLS_SSL_DEBUG_MSG( 4, ( "    type=%u epoch=%u fragment_offset=%u",
-                                    in[0],
-                                    (unsigned) in[3] << 8 | in[4],
-                                    (unsigned) in[19] << 16 | in[20] << 8 | in[21] ) );
+                                    in[0], (unsigned) epoch,
+                                    (unsigned) fragment_offset ) );
         return( MBEDTLS_ERR_SSL_DECODE_ERROR );
     }