From cb5bca8e8af619a5a6548e5d1a2b2aa0c9accc25 Mon Sep 17 00:00:00 2001
From: Adam Langley
Date: Thu, 9 Jul 2015 15:42:02 -0700
Subject: [PATCH] crypto/tls: reject ServerHellos with empty ALPN protocols.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
https://tools.ietf.org/html/rfc7301#section-3.1 specifies that a ProtocolName may not be empty. This change enforces this for ServerHello messages—it's already enforced for ClientHello messages.
Change-Id: Ic5a5be6bebf07fba90a3cabd10b07ab7b4337f53
Reviewed-on: https://go-review.googlesource.com/12003
Reviewed-by: Brad Fitzpatrick
---
 src/crypto/tls/handshake_messages.go | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/crypto/tls/handshake_messages.go b/src/crypto/tls/handshake_messages.go
index 799a776799a..111ce53487a 100644
--- a/src/crypto/tls/handshake_messages.go
+++ b/src/crypto/tls/handshake_messages.go
@@ -763,6 +763,10 @@ func (m *serverHelloMsg) unmarshal(data []byte) bool {
 return false
 }
 d = d[1:]
+ if len(d) == 0 {
+ // ALPN protocols must not be empty.
+ return false
+ }
 m.alpnProtocol = string(d)
 case extensionSCT:
 d := data[:length]
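Review bot: The new empty-protocol check in serverHelloMsg.unmarshal has no accompanying test; the diffstat shows only handshake_messages.go changed, so nothing pins that a ServerHello whose ALPN extension carries a zero-length ProtocolName is rejected. A small negative case that feeds such a message to unmarshal and expects `false` would keep this parser rule from regressing. The comment could also carry the reference the commit message gives, e.g. `// RFC 7301, Section 3.1: a ProtocolName must not be empty.`, so the reason stays visible in the code. unmarshal's body starts and ends outside the hunk, so the length checks that precede `d = d[1:]` are not visible here.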