authortb <tb@openbsd.org>2020-09-01 19:17:36 +0000
committertb <tb@openbsd.org>2020-09-01 19:17:36 +0000
commita71df53937d4b55e72eecc24177da2d93edd6cd0 (patch)
tree01fb9e9d056eb23c59d20552d5fde84589c0276f /lib/libssl/ssl_sess.c
parentImplement address translation for bus_space_mmap(9). (diff)
Zero out data to avoid leaving stack garbage in the tail of
the session id in case the copied session id is shorter than SSL_MAX_SESSION_ID_LENGTH. long standing bug pointed out by jsing
Diffstat (limited to 'lib/libssl/ssl_sess.c')
-rw-r--r--lib/libssl/ssl_sess.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c
index d46c85411b3..3f1b987a7cc 100644
--- a/lib/libssl/ssl_sess.c
+++ b/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.95 2020/09/01 17:45:17 tb Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.96 2020/09/01 19:17:36 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -423,6 +423,8 @@ ssl_session_from_cache(SSL *s, CBS *session_id)
SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
return NULL;
+ memset(&data, 0, sizeof(data));
+
data.ssl_version = s->version;
data.session_id_length = CBS_len(session_id);
memcpy(data.session_id, CBS_data(session_id), CBS_len(session_id));
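Review bot: The `memcpy` into `data.session_id` on the last line of the hunk takes its length from `CBS_len(session_id)`, and nothing visible in the hunk bounds that length against the size of the destination array. The added memset clears the tail for short ids, but an id longer than SSL_MAX_SESSION_ID_LENGTH would write past the stack struct unless a caller already rejects it, and any such check is outside the hunk. Consider a local guard before the copy, `if (CBS_len(session_id) > sizeof(data.session_id)) return NULL;`, so the function is safe on its own. A one-line comment above the memset, e.g. `/* Zero data so a short session id leaves no stack garbage in the tail. */`, would keep the reason next to the code. ssl_session_from_cache starts and ends outside the hunk.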