Merge pull request #9782 from kareem-wolfssl/zd21204

Ensure length is at least ID_LEN in SetTicket.
This commit is contained in:
Sean Parkinson
2026-03-02 21:12:29 +10:00
committed by GitHub
+12 -3
View File
@@ -34817,6 +34817,8 @@ exit_scv:
#ifdef HAVE_SESSION_TICKET
int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
{
word32 sessIdLen = ID_LEN;
if (!HaveUniqueSessionObj(ssl))
return MEMORY_ERROR;
@@ -34838,10 +34840,13 @@ int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
ssl->session->ticketLen = (word16)length;
if (length > 0) {
if (length < ID_LEN)
sessIdLen = length;
XMEMCPY(ssl->session->ticket, ticket, length);
if (ssl->session_ticket_cb != NULL) {
ssl->session_ticket_cb(ssl,
ssl->session->ticket, ssl->session->ticketLen,
ssl->session->ticket,
ssl->session->ticketLen,
ssl->session_ticket_ctx);
}
/* Create a fake sessionID based on the ticket, this will
@@ -34849,15 +34854,19 @@ int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
ssl->options.haveSessionId = 1;
#ifdef WOLFSSL_TLS13
if (ssl->options.tls1_3) {
XMEMSET(ssl->session->sessionID, 0, ID_LEN);
XMEMCPY(ssl->session->sessionID,
ssl->session->ticket + length - ID_LEN, ID_LEN);
ssl->session->ticket + length - sessIdLen,
sessIdLen);
ssl->session->sessionIDSz = ID_LEN;
}
else
#endif
{
XMEMSET(ssl->arrays->sessionID, 0, ID_LEN);
XMEMCPY(ssl->arrays->sessionID,
ssl->session->ticket + length - ID_LEN, ID_LEN);
ssl->session->ticket + length - sessIdLen,
sessIdLen);
ssl->arrays->sessionIDSz = ID_LEN;
}
}