boringssl/ssl
Adam Langley e976e4349d Don't read uninitialised data for short session IDs.
While it's always safe to read |SSL_MAX_SSL_SESSION_ID_LENGTH| bytes
from an |SSL_SESSION|'s |session_id| array, the hash function would do
so with without considering if all those bytes had been written to.

This change checks |session_id_length| before possibly reading
uninitialised memory. Since the result of the hash function was already
attacker controlled, and since a lookup of a short session ID will
always fail, it doesn't appear that this is anything more than a clean
up.

BUG=586800

Change-Id: I5f59f245b51477d6d4fa2cdc20d40bb6b4a3eae7
Reviewed-on: https://boringssl-review.googlesource.com/7150
Reviewed-by: David Benjamin <davidben@google.com>
2016-02-18 15:45:48 +00:00
..
pqueue Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
test Drop dh->q in bssl_shim when -use-sparse-dh-prime is passed. 2016-02-02 19:18:27 +00:00
CMakeLists.txt Implement draft-ietf-tls-curve25519-01 in C. 2015-12-22 21:51:30 +00:00
custom_extensions.c Align the SSL stack on #include style. 2015-09-15 23:32:07 +00:00
d1_both.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
d1_clnt.c Prune finished labels from SSL3_ENC_METHOD. 2016-01-15 22:04:53 +00:00
d1_lib.c Don't initialize enc_method before version negotiation. 2016-01-27 21:38:12 +00:00
d1_meth.c Pull ChangeCipherSpec into the handshake state machine. 2015-12-16 18:36:57 +00:00
d1_pkt.c Move aead_{read,write}_ctx and next_proto_negotiated into ssl->s3. 2016-01-15 21:40:25 +00:00
d1_srtp.c Add defines for SRTP profiles using GCM ciphers from RFC 7714. 2015-12-10 23:18:16 +00:00
d1_srvr.c Prune finished labels from SSL3_ENC_METHOD. 2016-01-15 22:04:53 +00:00
dtls_record.c Move aead_{read,write}_ctx and next_proto_negotiated into ssl->s3. 2016-01-15 21:40:25 +00:00
internal.h Remove alert mapping machinery. 2016-01-27 21:28:48 +00:00
s3_both.c Don't initialize enc_method before version negotiation. 2016-01-27 21:38:12 +00:00
s3_clnt.c Don't initialize enc_method before version negotiation. 2016-01-27 21:38:12 +00:00
s3_enc.c Remove alert mapping machinery. 2016-01-27 21:28:48 +00:00
s3_lib.c Align SSL_CTX_set1_tls_channel_id with SSL_set1_tls_channel_id. 2016-01-27 21:51:39 +00:00
s3_meth.c Pull ChangeCipherSpec into the handshake state machine. 2015-12-16 18:36:57 +00:00
s3_pkt.c Remove alert mapping machinery. 2016-01-27 21:28:48 +00:00
s3_srvr.c Don't initialize enc_method before version negotiation. 2016-01-27 21:38:12 +00:00
ssl_aead_ctx.c Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
ssl_asn1.c Check for overflow when parsing a CBS with d2i_*. 2015-11-16 23:17:42 +00:00
ssl_buffer.c Remove SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER. 2015-12-15 19:14:00 +00:00
ssl_cert.c Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
ssl_cipher.c Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
ssl_ecdh.c Add EC_POINT_point2cbb. 2016-02-02 19:04:33 +00:00
ssl_file.c More SSL_SESSION serialization functions. 2015-10-26 17:57:50 +00:00
ssl_lib.c Don't read uninitialised data for short session IDs. 2016-02-18 15:45:48 +00:00
ssl_rsa.c Add get0 getters for EVP_PKEY. 2015-11-20 23:34:12 +00:00
ssl_session.c Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
ssl_stat.c Document alert handling. 2015-10-20 19:03:24 +00:00
ssl_test.cc Fix SSL_get_{read,write}_sequence. 2016-02-17 22:05:29 +00:00
t1_enc.c Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
t1_lib.c Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
tls_record.c Replace enc_flags with normalized version checks. 2016-01-27 21:17:55 +00:00