authorTheo Buehler <tb@cvs.openbsd.org>2022-10-20 15:18:55 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2022-10-20 15:18:55 +0000
commit3c15abc1d1739248c0373ecfdb01bd712248ef09 (patch)
tree544de384d52fbf8054a4ce230f762f5e4a6e96ea /lib/libssl
parent611641d0ad7cb3e0828018a886994ac4a8fd4b1b (diff)
Annotate misuse of EVP_Digest()
The session_id member of SSL_SESSION has 32 bytes for historical reasons. This precisely accommodates a SHA-256 and is currently computed using this hash. If the hash function is ever changed, this will likely overflow. This should be fixed in code. Leave it at an XXX comment for now. Pointed out by jsing
Diffstat (limited to 'lib/libssl')
-rw-r--r--lib/libssl/ssl_clnt.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c
index d5791e3ffca..9cedc084abf 100644
--- a/lib/libssl/ssl_clnt.c
+++ b/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.155 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.156 2022/10/20 15:18:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1647,6 +1647,7 @@ ssl3_get_new_session_ticket(SSL *s)
* assumptions elsewhere in OpenSSL. The session ID is set
* to the SHA256 hash of the ticket.
*/
+ /* XXX - ensure this doesn't overflow session_id if hash is changed. */
if (!EVP_Digest(CBS_data(&session_ticket), CBS_len(&session_ticket),
s->session->session_id, &session_id_length, EVP_sha256(), NULL)) {
al = SSL_AD_INTERNAL_ERROR;
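Review bot: The XXX comment added above the EVP_Digest() call documents the overflow risk but nothing in the code enforces it. EVP_Digest() still writes the full digest directly into `s->session->session_id`, and the write stays in bounds only because SHA-256 output matches the 32-byte array described in the commit message. A one-line compile-time guard next to the call would turn the comment into a build failure if the sizes ever diverge, for example `_Static_assert(sizeof(s->session->session_id) >= SHA256_DIGEST_LENGTH, "session_id too small for ticket hash");` (or the tree's own assertion macro). A guard that survives a change of hash function would instead digest into a local buffer of `EVP_MAX_MD_SIZE` bytes and copy into `session_id` only after checking the returned length against `sizeof(s->session->session_id)`. The body of ssl3_get_new_session_ticket() starts and ends outside this hunk, so how `session_id_length` is used afterwards is not visible here.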