Skip to content
Snippets Groups Projects
Unverified Commit 25dada8b authored by Andrej Shadura's avatar Andrej Shadura
Browse files

Merge branch 'ubuntu/xenial' into apertis/v2021dev3

parents e6fd63a4 7a7c3092
No related branches found
No related tags found
No related merge requests found
gnutls28 (3.4.10-4ubuntu1.8) xenial; urgency=medium
* d/p/50_Update-session_ticket.c-to-add-support-for-zero-leng.patch:
- add support for zero length session tickets returned from the server,
thanks Rod for the backport and testing! (lp: #1876286)
-- Sebastien Bacher <seb128@ubuntu.com> Wed, 17 Jun 2020 23:06:13 +0200
gnutls28 (3.4.10-4ubuntu1.7co1) apertis; urgency=medium
* Merge changes from Ubuntu Xenial LTS. Remaining Apertis specific
......
From 1d4615aa650dad1c01452d46396c0307304b0245 Mon Sep 17 00:00:00 2001
From: rrivers2 <5981058-rrivers2@users.noreply.gitlab.com>
Date: Sun, 24 May 2020 23:11:01 +0000
Subject: [PATCH] Update session_ticket.c to add support for zero length
session tickets returned from the server
check that ticket_len > 0 prior to calling gnutls_realloc_fast
Signed-off-by: Rod Rivers <5981058-rrivers2@users.noreply.gitlab.com>
---
lib/ext/session_ticket.c | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/lib/ext/session_ticket.c b/lib/ext/session_ticket.c
index c854d9c2a..8d4595821 100644
--- a/lib/ext/session_ticket.c
+++ b/lib/ext/session_ticket.c
@@ -680,14 +680,16 @@ int _gnutls_recv_new_session_ticket(gnut
DECR_LENGTH_COM(data_size, ticket_len, ret =
GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
goto error);
- priv->session_ticket =
- gnutls_realloc_fast(priv->session_ticket, ticket_len);
- if (!priv->session_ticket) {
- gnutls_assert();
- ret = GNUTLS_E_MEMORY_ERROR;
- goto error;
+ if (ticket_len > 0) {
+ priv->session_ticket =
+ gnutls_realloc_fast(priv->session_ticket, ticket_len);
+ if (!priv->session_ticket) {
+ gnutls_assert();
+ ret = GNUTLS_E_MEMORY_ERROR;
+ goto error;
+ }
+ memcpy(priv->session_ticket, p, ticket_len);
}
- memcpy(priv->session_ticket, p, ticket_len);
priv->session_ticket_len = ticket_len;
/* Discard the current session ID. (RFC5077 3.4) */
......@@ -40,4 +40,5 @@ insecuresha1-15.patch
insecuresha1-16.patch
allow_broken_priority_string.patch
allow_sha1_priority_string.patch
fallback-for-getrandom.patch
\ No newline at end of file
50_Update-session_ticket.c-to-add-support-for-zero-leng.patch
fallback-for-getrandom.patch
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment