Tidy up some lengths in SSL_SESSION
Normally these would be size_t, but we try to reduce per-connection
memory in libssl, so use uint8_t, then add asserts, checks, and casts as
appropriate.
Bug: 516
Change-Id: Ibdd9d88f2b05173daee2db5f6fb77d619302bfdf
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/58547
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
index e7dca1b..3e63019 100644
--- a/ssl/handshake_client.cc
+++ b/ssl/handshake_client.cc
@@ -833,11 +833,18 @@
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return ssl_hs_error;
}
- // Note: session_id could be empty.
- hs->new_session->session_id_length = CBS_len(&server_hello.session_id);
+
+ // Save the session ID from the server. This may be empty if the session
+ // isn't resumable, or if we'll receive a session ticket later.
+ assert(CBS_len(&server_hello.session_id) <= SSL3_SESSION_ID_SIZE);
+ static_assert(SSL3_SESSION_ID_SIZE <= UINT8_MAX,
+ "max session ID is too large");
+ hs->new_session->session_id_length =
+ static_cast<uint8_t>(CBS_len(&server_hello.session_id));
OPENSSL_memcpy(hs->new_session->session_id,
CBS_data(&server_hello.session_id),
CBS_len(&server_hello.session_id));
+
hs->new_session->cipher = hs->new_cipher;
}
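Review bot: The only bound on the `OPENSSL_memcpy` into `hs->new_session->session_id` is the new `assert`, which is compiled out under NDEBUG, so release builds depend on an earlier length check that is not visible in this hunk (presumably the ServerHello parser rejects session IDs longer than `SSL3_SESSION_ID_SIZE`). If that invariant were ever broken, the copy would write past a buffer that appears to be sized by `SSL3_SESSION_ID_SIZE`, and the `static_cast<uint8_t>` could store a length that no longer matches the bytes copied. Either extend the comment to say where the limit is enforced, e.g. `// The ServerHello parser has already rejected session IDs longer than SSL3_SESSION_ID_SIZE.`, or make the check a runtime one that fails the handshake like the branch just above: `if (CBS_len(&server_hello.session_id) > SSL3_SESSION_ID_SIZE) { ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); return ssl_hs_error; }`. The enclosing function starts and ends outside the hunk, so the upstream check should be confirmed against the full file.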