Avoid potential NULL dereference when parsing a server keyshare extension. - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	jsing <jsing@openbsd.org>	2020-02-16 16:36:40 +0000
committer	jsing <jsing@openbsd.org>	2020-02-16 16:36:40 +0000
commit	796dcee2da299c6a1506a37d5d22cf37cfa3bf83 (patch)
tree	a3a0371333b2b9f02e82454edc1cf00784b86de8 /usr.bin/dig/lib/isc/timer.c
parent	Avoid leak for tmp.x25519 (diff)
download	wireguard-openbsd-796dcee2da299c6a1506a37d5d22cf37cfa3bf83.tar.xz wireguard-openbsd-796dcee2da299c6a1506a37d5d22cf37cfa3bf83.zip

Avoid potential NULL dereference when parsing a server keyshare extension.

It is currently possible for key_share to be NULL when a TLS client receives a keyshare extension. However, for this to occur the client has to be doing TLS 1.2 or earlier, which means that it was invalid for the server to send the extension. As such, check for NULL and treat it as an invalid extension. Found by oss-fuzz (#20741 and #20745). ok inoguchi@ tb@

Diffstat (limited to 'usr.bin/dig/lib/isc/timer.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: