From 3be264e2c33a7de193ede8b7987f8609093c870a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Jul 2019 17:27:32 +0100 Subject: [PATCH] Remove redundant length-0 checks for incoming unprotected records --- library/ssl_tls.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0386ea0e8..5f81939c4 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5027,8 +5027,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl ) /* Check length against bounds of the current transform and version */ if( ssl->transform_in == NULL ) { - if( ssl->in_msglen < 1 || - ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN ) + if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); return( MBEDTLS_ERR_SSL_INVALID_RECORD );