summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/stack/safestack.h
diff options
context:
space:
mode:
authorjsing <>2020-02-16 16:36:40 +0000
committerjsing <>2020-02-16 16:36:40 +0000
commit5f232a5347aa50b02963840b94a44e39ca4a5d4d (patch)
tree5ad7d065edd1539e670f2b19b2c2833d83e60d0c /src/lib/libcrypto/stack/safestack.h
parent30dd34166845e9c6dd25a36682400e4e3a485065 (diff)
downloadopenbsd-5f232a5347aa50b02963840b94a44e39ca4a5d4d.tar.gz
openbsd-5f232a5347aa50b02963840b94a44e39ca4a5d4d.tar.bz2
openbsd-5f232a5347aa50b02963840b94a44e39ca4a5d4d.zip
Avoid potential NULL dereference when parsing a server keyshare extension.
It is currently possible for key_share to be NULL when a TLS client receives a keyshare extension. However, for this to occur the client has to be doing TLS 1.2 or earlier, which means that it was invalid for the server to send the extension. As such, check for NULL and treat it as an invalid extension. Found by oss-fuzz (#20741 and #20745). ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libcrypto/stack/safestack.h')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-04 15:20:32 +0000