SSL_apply_handback: check session is where it's expected to be.
Found by fuzzing.
Change-Id: I831f7869b16486eef7ac887ee199450e38461086
Reviewed-on: https://boringssl-review.googlesource.com/28044
Commit-Queue: Matt Braithwaite <mab@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/ssl/handoff.cc b/ssl/handoff.cc
index 5ba1d11..bacb6fd 100644
--- a/ssl/handoff.cc
+++ b/ssl/handoff.cc
@@ -265,6 +265,9 @@
s3->hs->state = CBS_len(&transcript) == 0 ? state12_finish_server_handshake
: state12_read_client_certificate;
s3->session_reused = session_reused;
+ if (s3->hs->state == state12_read_client_certificate && session_reused) {
+ return false;
+ }
s3->tlsext_channel_id_valid = channel_id_valid;
s3->next_proto_negotiated.CopyFrom(next_proto);
s3->alpn_selected.CopyFrom(alpn);