From 30e5d768a5dd3b45c4027a17d6156775f01b02a2 Mon Sep 17 00:00:00 2001
From: Achim Kraus <achim.kraus@cloudcoap.net>
Date: Tue, 13 May 2025 13:00:53 +0200
Subject: [PATCH] dtls.c: complete verification of length of Alert record.

Fixes issue #255

Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
---
 dtls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dtls.c b/dtls.c
index 47590c27..dbc0ba44 100644
--- a/dtls.c
+++ b/dtls.c
@@ -4491,7 +4491,7 @@ handle_alert(dtls_context_t *ctx, dtls_peer_t *peer,
 
   assert(peer);
 
-  if (data_length < 2)
+  if (data_length != 2)
     return dtls_alert_fatal_create(DTLS_ALERT_DECODE_ERROR);
 
   dtls_info("** Alert: level %d, description %d\n", data[0], data[1]);