Google Git
Sign in
boringssl/boringssl.git/32b47a5e3530aa1b53fbd69204ea0975499b4a4a^!/.
commit
32b47a5e3530aa1b53fbd69204ea0975499b4a4a
[log]
author
David Benjamin <davidben@google.com>
Mon Nov 14 21:19:17 2016 +0900
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Tue Nov 15 06:57:54 2016 +0000
tree
f73775452222097ca6c3e4c180fdb19597684004
parent
a833c357edae4eb7f47b9808bf744bd9bb0df18d [diff]
Allow PSK binder mismatches in fuzzer mode.

BUG=112

Change-Id: I88ef17e32e33b091ff1e27b7950f88e1d48f9278
Reviewed-on: https://boringssl-review.googlesource.com/12239
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index c846d9c..d87d8a6 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c

@@ -438,8 +438,12 @@
     return 0;
   }
 
-  if (CBS_len(&binder) != hash_len ||
-      CRYPTO_memcmp(CBS_data(&binder), verify_data, hash_len) != 0) {
+  int binder_ok = CBS_len(&binder) == hash_len &&
+                  CRYPTO_memcmp(CBS_data(&binder), verify_data, hash_len) == 0;
+#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
+  binder_ok = 1;
+#endif
+  if (!binder_ok) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
     return 0;
   }