Add cipher asserts for read/write app data. Allow the fuzzers to treat this situation, if they ever discover it, as a bug. Change-Id: Ie6f1562e9b185d49463cf1a6db28d28780169b11 Reviewed-on: https://boringssl-review.googlesource.com/14424 Reviewed-by: David Benjamin <davidben@google.com>

commit: a0ba400c33c5919fb0c25f165133446cb6dec5c0 [log] [tgz]
author: Steven Valdez <svaldez@google.com> Tue Mar 28 16:48:17 2017 -0400
committer: David Benjamin <davidben@google.com> Tue Mar 28 21:02:56 2017 +0000
tree: fe2aaf0aa93347edf774fbfe15d80862eb467eeb
parent: ccbb165d9819f8abbf28cd6a4604d25839d445ed [diff]
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index c2d30ca..fc21c2c 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c

@@ -190,6 +190,7 @@
 
 int ssl3_write_app_data(SSL *ssl, const uint8_t *buf, int len) {
   assert(ssl_can_write(ssl));
+  assert(ssl->s3->aead_write_ctx != NULL);
 
   unsigned tot, n, nw;
 
@@ -326,6 +327,7 @@
 int ssl3_read_app_data(SSL *ssl, int *out_got_handshake, uint8_t *buf, int len,
                        int peek) {
   assert(ssl_can_read(ssl));
+  assert(ssl->s3->aead_read_ctx != NULL);
   *out_got_handshake = 0;
 
   ssl->method->release_current_message(ssl, 0 /* don't free buffer */);
commit	a0ba400c33c5919fb0c25f165133446cb6dec5c0	[log] [tgz]
author	Steven Valdez <svaldez@google.com>	Tue Mar 28 16:48:17 2017 -0400
committer	David Benjamin <davidben@google.com>	Tue Mar 28 21:02:56 2017 +0000
tree	fe2aaf0aa93347edf774fbfe15d80862eb467eeb
parent	ccbb165d9819f8abbf28cd6a4604d25839d445ed [diff]