mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-03 01:20:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix a bug where the ssl context is used after it's nullified

Browse Source 
When not using DEBUG_C, but using the DTLS CID feature -
a null pointer was accessed in ssl_tls.c.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
Andrzej Kurek 2021-09-29 04:21:21 -04:00
parent 5902cd64e2
commit 324f72ec9c
2 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
library/ssl_tls.c
View File

@ -693,8 +693,9 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
const mbedtls_cipher_info_t *cipher_info; const mbedtls_cipher_info_t *cipher_info;
const mbedtls_md_info_t *md_info; const mbedtls_md_info_t *md_info;
#if !defined(MBEDTLS_DEBUG_C) #if !defined(MBEDTLS_DEBUG_C) && \
ssl = NULL; /* make sure we don't use it except for this case */ !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl = NULL; /* make sure we don't use it except for these cases */
(void) ssl; (void) ssl;
#endif #endif

12
tests/scripts/all.sh
View File

@ -2083,6 +2083,18 @@ component_test_variable_ssl_in_out_buffer_len_CID () {
tests/compat.sh tests/compat.sh
} }
component_test_CID_no_debug() {
msg "build: Connection ID enabled, debug disabled"
scripts/config.py unset MBEDTLS_DEBUG_C
scripts/config.py set MBEDTLS_SSL_DTLS_CONNECTION_ID
CC=gcc cmake .
make
msg "test: Connection ID enabled, debug disabled"
make test
}
component_test_ssl_alloc_buffer_and_mfl () { component_test_ssl_alloc_buffer_and_mfl () {
msg "build: default config with memory buffer allocator and MFL extension" msg "build: default config with memory buffer allocator and MFL extension"
scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C