From 634412e48e5bb8a467c81c0e1ca56c3b5b343fed Mon Sep 17 00:00:00 2001 From: jsing <> Date: Thu, 28 Dec 2017 12:52:45 +0000 Subject: Initialise new_cipher in the serverhello TLS extensions test, to avoid a NULL pointer dereference in ssl_using_ecc_cipher(). Some compilers avoid triggering this, likely due to the EC formats list also being NULL. While here, setup the EC formats list so that we actually include the EC points format extension in the server hello extensions. Found the hard way by bcook@ --- src/regress/lib/libssl/tlsext/tlsexttest.c | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c index 6a68344506..d628299e3e 100644 --- a/src/regress/lib/libssl/tlsext/tlsexttest.c +++ b/src/regress/lib/libssl/tlsext/tlsexttest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tlsexttest.c,v 1.17 2017/11/28 16:40:21 jsing Exp $ */ +/* $OpenBSD: tlsexttest.c,v 1.18 2017/12/28 12:52:45 jsing Exp $ */ /* * Copyright (c) 2017 Joel Sing * Copyright (c) 2017 Doug Hogan @@ -2835,8 +2835,9 @@ test_tlsext_clienthello_build(void) unsigned char tlsext_serverhello_default[] = {}; unsigned char tlsext_serverhello_enabled[] = { - 0x00, 0x0d, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, - 0x05, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, + 0x00, 0x13, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, + 0x05, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, + 0x00, 0x00, 0x23, 0x00, 0x00, }; static int @@ -2861,6 +2862,9 @@ test_tlsext_serverhello_build(void) if ((ssl->session = SSL_SESSION_new()) == NULL) errx(1, "failed to create session"); + S3I(ssl)->hs.new_cipher = + ssl3_get_cipher_by_id(TLS1_CK_RSA_WITH_AES_128_SHA256); + if (!tlsext_serverhello_build(ssl, &cbb)) { FAIL("failed to build serverhello extensions\n"); goto err; @@ -2888,8 +2892,15 @@ test_tlsext_serverhello_build(void) /* Turn a few things on so we get extensions... */ S3I(ssl)->send_connection_binding = 1; + S3I(ssl)->hs.new_cipher = + ssl3_get_cipher_by_id(TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256); ssl->internal->tlsext_status_expected = 1; ssl->internal->tlsext_ticket_expected = 1; + if ((SSI(ssl)->tlsext_ecpointformatlist = malloc(1)) == NULL) + errx(1, "malloc failed"); + SSI(ssl)->tlsext_ecpointformatlist_length = 1; + SSI(ssl)->tlsext_ecpointformatlist[0] = + TLSEXT_ECPOINTFORMAT_uncompressed; if (!tlsext_serverhello_build(ssl, &cbb)) { FAIL("failed to build serverhello extensions\n"); -- cgit v1.2.3-55-g6feb