From 4a66706fbbbe069608cb2bf2326c38e57a5db20b Mon Sep 17 00:00:00 2001
From: Arjun <150156386+arjunbhat1@users.noreply.github.com>
Date: Mon, 14 Oct 2024 21:33:55 +0200
Subject: [PATCH] Fix corruption of certain packets containing invalid TLS
 extension fields (#4554)

* Fix corruption of certain packets with invalid TLS extension fields

* Use idioms

---------

Co-authored-by: gpotter2 <10530980+gpotter2@users.noreply.github.com>
---
 scapy/layers/tls/extensions.py | 2 ++
 test/scapy/layers/tls/tls.uts  | 5 +++++
 2 files changed, 7 insertions(+)

diff --git a/scapy/layers/tls/extensions.py b/scapy/layers/tls/extensions.py
index 87ffe6721..42dfa6f60 100644
--- a/scapy/layers/tls/extensions.py
+++ b/scapy/layers/tls/extensions.py
@@ -843,4 +843,6 @@ class _ExtensionsField(StrLenField):
                 cls = _tls_ext_early_data_cls.get(pkt.msgtype, TLS_Ext_Unknown)
             res.append(cls(m[:tmp_len + 4], tls_session=pkt.tls_session))
             m = m[tmp_len + 4:]
+        if m:
+            res.append(conf.raw_layer(m))
         return res
diff --git a/test/scapy/layers/tls/tls.uts b/test/scapy/layers/tls/tls.uts
index 95a7c34a3..a240a4f05 100644
--- a/test/scapy/layers/tls/tls.uts
+++ b/test/scapy/layers/tls/tls.uts
@@ -1561,6 +1561,11 @@ data = '1603031616020000660303602161b58e22f4966f18f9aa6afd5759f343935ed437cf09c5
 pkt = TLS(bytes.fromhex(data))
 assert [type(x) for x in pkt.msg] == [TLSServerHello, TLSCertificate, TLSCertificateStatus, TLSServerKeyExchange, TLSServerHelloDone]
 
+= Issue 3853
+data = hex_bytes("16030300360200002e030342615f0b32366c85b5de265ec99fd68c59079d9783dc2f547592fe12f4ab3fde00c02c000015ff01000100000e000000")
+tls_packet = TLS(data)
+assert raw(tls_packet) == data
+
 ###############################################################################
 ############################ Automaton behaviour ##############################
 ###############################################################################