Switch to legacy method late in tls13_use_legacy_stack() - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2023-11-28 13:19:04 +0000
committer	tb <>	2023-11-28 13:19:04 +0000
commit	2ef851529997e0374d16c3733749d9cfb616a768 (patch)
tree	b2aa716815fa7c1b8c0f2e5c5547467a8e108baf /src/lib/libssl/s3_lib.c
parent	94f79d473365fa39d5c97755523e59bd8053d85d (diff)
download	openbsd-2ef851529997e0374d16c3733749d9cfb616a768.tar.gz openbsd-2ef851529997e0374d16c3733749d9cfb616a768.tar.bz2 openbsd-2ef851529997e0374d16c3733749d9cfb616a768.zip

Switch to legacy method late in tls13_use_legacy_stack()

If memory allocation of s->init_buf fails in ssl3_setup_init_buffer() during downgrade to the legacy stack, the legacy state machine would resume with an incorrectly set up SSL, resulting in a NULL dereference. The fix is to switch to the legacy method only after the SSL is fully set up. There is a second part to this fix, which will be committed once we manage to agree on the color of the bikeshed. Detailed analysis and patch from Masaru Masuda, many thanks! https://github.com/libressl/openbsd/issues/146 ok jsing

Diffstat (limited to 'src/lib/libssl/s3_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: