From 558aae1a3384fce626d98608730f3b2d919bb78f Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Tue, 4 Jul 2017 16:52:45 +0200
Subject: tls: use capped SNI len everywhere

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
 networking/tls.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'networking')

diff --git a/networking/tls.c b/networking/tls.c
index db518bf90..fd3cb0dba 100644
--- a/networking/tls.c
+++ b/networking/tls.c
@@ -1199,11 +1199,11 @@ static void send_client_hello_and_alloc_hsd(tls_state_t *tls, const char *sni)
 	};
 	struct client_hello *record;
 	int len;
-	int sni_len = sni ? strnlen(sni, 127) : 0;
+	int sni_len = sni ? strnlen(sni, 127 - 9) : 0;
 
 	len = sizeof(*record);
 	if (sni_len)
-		len += 11 + strlen(sni);
+		len += 11 + sni_len;
 	record = tls_get_outbuf(tls, len);
 	memset(record, 0, len);
 
-- 
cgit v1.2.3