From 208c6478d5c20b9d8a9f0a293e3808aa16ee091f Mon Sep 17 00:00:00 2001
From: Andrew Hamilton
Date: Mon, 7 Jul 2025 10:31:55 +0900
Subject: [PATCH] psk: fix read buffer overrun in the "pre_shared_key" extension
While processing the "pre_shared_key" extension in TLS 1.3, if there are certain malformed data in the extension headers, then the code may read uninitialized memory (2 bytes) beyond the received TLS extension buffer. Spotted by oss-fuzz at: https://issues.oss-fuzz.com/issues/42513990
Signed-off-by: Andrew Hamilton
Signed-off-by: Daiki Ueno
Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/208c6478d5c20b9d8a9f0a293e3808aa16ee091f]
Signed-off-by: Peter Marko
---
 lib/ext/pre_shared_key.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
index 51c4891d5..2cb83e670 100644
--- a/lib/ext/pre_shared_key.c
+++ b/lib/ext/pre_shared_key.c
@@ -1170,6 +1170,8 @@ static int _gnutls_psk_recv_params(gnutls_session_t session,
 if (session->security_parameters.entity == GNUTLS_CLIENT) {
 if (session->internals.hsk_flags & HSK_PSK_KE_MODES_SENT) {
+ DECR_LEN(len, 2);
+
 uint16_t selected_identity = _gnutls_read_uint16(data);
 for (i = 0; i < sizeof(session->key.binders) /