Google Git
Sign in
boringssl/boringssl.git/81f433540ef5f34769e0febd429be065dff886fa^!/.
commit
81f433540ef5f34769e0febd429be065dff886fa
[log]
author
Adam Langley <agl@google.com>
Fri Aug 26 09:22:56 2016 -0700
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Fri Aug 26 17:42:41 2016 +0000
tree
df5e8bc27925d95451d6468b8ac52784cf9a13a8
parent
07e7806177c92dede456874e74d4c92d8dc224b2 [diff]
Don't crash when a session callback returns NULL.

4aa154e08fdc0a0c57df9e19ea3a303a2b99aed0 changed the code to assume that
a session callback will zero the |copy| out-arg before returning NULL.
In practice this doesn't always happen and we should be robust against
it.

Change-Id: I0fd14969df836e0fa4f68ded8648fea8094ff9d7
Reviewed-on: https://boringssl-review.googlesource.com/10640
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/ssl_session.c b/ssl/ssl_session.c
index e763fd3..3a56dcd 100644
--- a/ssl/ssl_session.c
+++ b/ssl/ssl_session.c

@@ -633,6 +633,10 @@
     session = ssl->initial_ctx->get_session_cb(ssl, (uint8_t *)session_id,
                                                session_id_len, &copy);
 
+    if (session == NULL) {
+      return ssl_session_success;
+    }
+
     if (session == SSL_magic_pending_session_ptr()) {
       return ssl_session_retry;
     }
@@ -646,8 +650,7 @@
     }
 
     /* Add the externally cached session to the internal cache if necessary. */
-    if (session != NULL &&
-        !(ssl->initial_ctx->session_cache_mode &
+    if (!(ssl->initial_ctx->session_cache_mode &
           SSL_SESS_CACHE_NO_INTERNAL_STORE)) {
       SSL_CTX_add_session(ssl->initial_ctx, session);
     }