Switch to legacy method late in tls13_use_legacy_stack() - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2023-11-28 13:19:04 +0000
committer	tb <>	2023-11-28 13:19:04 +0000
commit	46107348a293c6705c99e4c1c478f0f02ec3abfb (patch)
tree	b2aa716815fa7c1b8c0f2e5c5547467a8e108baf /src/lib/libssl/ssl_lib.c
parent	696efe761eacd6872932fb223f3b1c3c84f0adf3 (diff)
download	openbsd-46107348a293c6705c99e4c1c478f0f02ec3abfb.tar.gz openbsd-46107348a293c6705c99e4c1c478f0f02ec3abfb.tar.bz2 openbsd-46107348a293c6705c99e4c1c478f0f02ec3abfb.zip

Switch to legacy method late in tls13_use_legacy_stack()

If memory allocation of s->init_buf fails in ssl3_setup_init_buffer() during downgrade to the legacy stack, the legacy state machine would resume with an incorrectly set up SSL, resulting in a NULL dereference. The fix is to switch to the legacy method only after the SSL is fully set up. There is a second part to this fix, which will be committed once we manage to agree on the color of the bikeshed. Detailed analysis and patch from Masaru Masuda, many thanks! https://github.com/libressl/openbsd/issues/146 ok jsing

Diffstat (limited to 'src/lib/libssl/ssl_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: