mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 13:40:49 +02:00
Merge pull request #9782 from kareem-wolfssl/zd21204
Ensure length is at least ID_LEN in SetTicket.
This commit is contained in:
+12
-3
@@ -34817,6 +34817,8 @@ exit_scv:
|
||||
#ifdef HAVE_SESSION_TICKET
|
||||
int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
|
||||
{
|
||||
word32 sessIdLen = ID_LEN;
|
||||
|
||||
if (!HaveUniqueSessionObj(ssl))
|
||||
return MEMORY_ERROR;
|
||||
|
||||
@@ -34838,10 +34840,13 @@ int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
|
||||
ssl->session->ticketLen = (word16)length;
|
||||
|
||||
if (length > 0) {
|
||||
if (length < ID_LEN)
|
||||
sessIdLen = length;
|
||||
XMEMCPY(ssl->session->ticket, ticket, length);
|
||||
if (ssl->session_ticket_cb != NULL) {
|
||||
ssl->session_ticket_cb(ssl,
|
||||
ssl->session->ticket, ssl->session->ticketLen,
|
||||
ssl->session->ticket,
|
||||
ssl->session->ticketLen,
|
||||
ssl->session_ticket_ctx);
|
||||
}
|
||||
/* Create a fake sessionID based on the ticket, this will
|
||||
@@ -34849,15 +34854,19 @@ int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
|
||||
ssl->options.haveSessionId = 1;
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (ssl->options.tls1_3) {
|
||||
XMEMSET(ssl->session->sessionID, 0, ID_LEN);
|
||||
XMEMCPY(ssl->session->sessionID,
|
||||
ssl->session->ticket + length - ID_LEN, ID_LEN);
|
||||
ssl->session->ticket + length - sessIdLen,
|
||||
sessIdLen);
|
||||
ssl->session->sessionIDSz = ID_LEN;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
XMEMSET(ssl->arrays->sessionID, 0, ID_LEN);
|
||||
XMEMCPY(ssl->arrays->sessionID,
|
||||
ssl->session->ticket + length - ID_LEN, ID_LEN);
|
||||
ssl->session->ticket + length - sessIdLen,
|
||||
sessIdLen);
|
||||
ssl->arrays->sessionIDSz = ID_LEN;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user