Use CBS_write_bytes() instead of manual unpacking of a CBS and assigning

length and using memcpy(). This also provides a missing overflow check (which is done by the only caller, however). ok jsing
author: tb <> 2022-06-07 17:49:22 +0000
committer: tb <> 2022-06-07 17:49:22 +0000
commit: 35cf68a824e7b45b42bc647827673f1fcd97395c (patch)
tree: 6ac8a4ab948ac9d86258fac1761597fd7582e931 /src/lib
parent: 347d0c878cbedc3cac51abde823c8d2af386febd (diff)
download: openbsd-35cf68a824e7b45b42bc647827673f1fcd97395c.tar.gz
openbsd-35cf68a824e7b45b42bc647827673f1fcd97395c.tar.bz2
openbsd-35cf68a824e7b45b42bc647827673f1fcd97395c.zip
1 files changed, 5 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 504c402105..fcb259f6a2 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.115 2022/06/07 17:45:13 tb Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.116 2022/06/07 17:49:22 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -435,8 +435,10 @@ ssl_session_from_cache(SSL *s, CBS *session_id)
        memset(&data, 0, sizeof(data));
        data.ssl_version = s->version;
-        data.session_id_length = CBS_len(session_id);
-        memcpy(data.session_id, CBS_data(session_id), CBS_len(session_id));
+        if (!CBS_write_bytes(session_id, data.session_id,
+            sizeof(data.session_id), &data.session_id_length))
+                return NULL;
        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
        sess = lh_SSL_SESSION_retrieve(s->session_ctx->internal->sessions, &data);
author	tb <>	2022-06-07 17:49:22 +0000
committer	tb <>	2022-06-07 17:49:22 +0000
commit	35cf68a824e7b45b42bc647827673f1fcd97395c (patch)
tree	6ac8a4ab948ac9d86258fac1761597fd7582e931 /src/lib
parent	347d0c878cbedc3cac51abde823c8d2af386febd (diff)
download	openbsd-35cf68a824e7b45b42bc647827673f1fcd97395c.tar.gz openbsd-35cf68a824e7b45b42bc647827673f1fcd97395c.tar.bz2 openbsd-35cf68a824e7b45b42bc647827673f1fcd97395c.zip

diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 504c402105..fcb259f6a2 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_sess.c,v 1.115 2022/06/07 17:45:13 tb Exp $ */	1	/* $OpenBSD: ssl_sess.c,v 1.116 2022/06/07 17:49:22 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -435,8 +435,10 @@ ssl_session_from_cache(SSL s, CBS session_id)
435	memset(&data, 0, sizeof(data));	435	memset(&data, 0, sizeof(data));
436		436
437	data.ssl_version = s->version;	437	data.ssl_version = s->version;
438	data.session_id_length = CBS_len(session_id);	438
439	memcpy(data.session_id, CBS_data(session_id), CBS_len(session_id));	439	if (!CBS_write_bytes(session_id, data.session_id,
		440	sizeof(data.session_id), &data.session_id_length))
		441	return NULL;
440		442
441	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);	443	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
442	sess = lh_SSL_SESSION_retrieve(s->session_ctx->internal->sessions, &data);	444	sess = lh_SSL_SESSION_retrieve(s->session_ctx->internal->sessions, &data);