Fix ECH error code: use BUFFER_ERROR for malformed peer input

LinuxJedi · LinuxJedi · commit 110f5cb4427d · 2026-02-26T14:09:01.000Z
Change innerClientHelloLen underflow guard in TLSX_ECH_Parse from
BAD_FUNC_ARG to BUFFER_ERROR to match the convention used throughout
tls.c for wire-protocol length/bounds validation.
diff --git a/src/tls.c b/src/tls.c
@@ -13606,7 +13606,7 @@ static int TLSX_ECH_Parse(WOLFSSL* ssl, const byte* readBuf, word16 size,
         /* read hello inner len */
         ato16(readBuf_p, &ech->innerClientHelloLen);
         if (ech->innerClientHelloLen < WC_AES_BLOCK_SIZE) {
-            return BAD_FUNC_ARG;
+            return BUFFER_ERROR;
         }
         ech->innerClientHelloLen -= WC_AES_BLOCK_SIZE;
         readBuf_p += 2;

Original file line number	Diff line number	Diff line change
`@@ -13606,7 +13606,7 @@ static int TLSX_ECH_Parse(WOLFSSL* ssl, const byte* readBuf, word16 size,`
`13606`	`13606`	`/* read hello inner len */`
`13607`	`13607`	`ato16(readBuf_p, &ech->innerClientHelloLen);`
`13608`	`13608`	`if (ech->innerClientHelloLen < WC_AES_BLOCK_SIZE) {`
`13609`		`- return BAD_FUNC_ARG;`
	`13609`	`+ return BUFFER_ERROR;`
`13610`	`13610`	`}`
`13611`	`13611`	`ech->innerClientHelloLen -= WC_AES_BLOCK_SIZE;`
`13612`	`13612`	`readBuf_p += 2;`