From 9fdf7cb97ab760e77b1b35c902f70810c9ae8798 Mon Sep 17 00:00:00 2001
From: Matthew Braithwaite
Date: Fri, 4 May 2018 09:28:50 -0700
Subject: [PATCH] SSL_apply_handback: check session is where it's expected to be.

Found by fuzzing.

Change-Id: I831f7869b16486eef7ac887ee199450e38461086
Reviewed-on: https://boringssl-review.googlesource.com/28044
Commit-Queue: Matt Braithwaite
CQ-Verified: CQ bot account: commit-bot@chromium.org
Reviewed-by: David Benjamin
---
 ssl/handoff.cc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ssl/handoff.cc b/ssl/handoff.cc
index 5ba1d117..bacb6fdf 100644
--- a/ssl/handoff.cc
+++ b/ssl/handoff.cc
@@ -265,6 +265,9 @@ bool SSL_apply_handback(SSL *ssl, Span handback) {
 s3->hs->state = CBS_len(&transcript) == 0 ? state12_finish_server_handshake : state12_read_client_certificate;
 s3->session_reused = session_reused;
+ if (s3->hs->state == state12_read_client_certificate && session_reused) {
+ return false;
+ }
 s3->tlsext_channel_id_valid = channel_id_valid;
 s3->next_proto_negotiated.CopyFrom(next_proto);
 s3->alpn_selected.CopyFrom(alpn);
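Review bot: The added guard runs only after `s3->hs->state` and `s3->session_reused` have been written from the handback, so a rejected handback returns false with those fields already changed on `ssl`. The same condition can be tested on the parsed inputs before either assignment, `if (CBS_len(&transcript) != 0 && session_reused) { return false; }`, which keeps validation ahead of mutation. The check also has no comment saying why the combination is invalid; something like `// A handback that still expects a client certificate cannot also claim a resumed session.` would help, assuming that is the invariant the fuzzer violated. SSL_apply_handback starts and ends outside this hunk, so whether other fields are already modified by this point, or whether callers discard `ssl` on failure, cannot be confirmed from here.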