From: tb <tb@openbsd.org>
Date: Mon, 24 Apr 2023 16:55:06 +0000 (+0000)
Subject: Free and calloc() the tlsext_build_order and remember its length
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2454fc3a826e0e308627066066504371dcefbdda;p=openbsd

Free and calloc() the tlsext_build_order and remember its length

Aligns tlsext_randomize_build_order() with tlsext_linearize_build_order()
and will help regression testing.

ok jsing
---

diff --git a/lib/libssl/ssl_tlsext.c b/lib/libssl/ssl_tlsext.c
index 8c4261439ae..f94469949cb 100644
--- a/lib/libssl/ssl_tlsext.c
+++ b/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.133 2023/04/24 15:32:31 tb Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.134 2023/04/24 16:55:06 tb Exp $ */
 /*
  * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -2247,9 +2247,13 @@ tlsext_randomize_build_order(SSL *s)
 	size_t idx, new_idx, psk_idx;
 	size_t alpn_idx, sni_idx;
 
-	if ((s->tlsext_build_order = calloc(sizeof(*s->tlsext_build_order),
+	free(s->tlsext_build_order);
+	s->tlsext_build_order_len = 0;
+
+	if ((s->tlsext_build_order = calloc(s->tlsext_build_order_len,
 	    N_TLS_EXTENSIONS)) == NULL)
 		return 0;
+	s->tlsext_build_order_len = N_TLS_EXTENSIONS;
 
 	/* RFC 8446, section 4.2: PSK must be the last extension in the CH. */
 	psk_idx = N_TLS_EXTENSIONS - 1;
@@ -2292,6 +2296,14 @@ tlsext_linearize_build_order(SSL *s)
 {
 	size_t idx;
 
+	free(s->tlsext_build_order);
+	s->tlsext_build_order_len = 0;
+
+	if ((s->tlsext_build_order = calloc(s->tlsext_build_order_len,
+	    N_TLS_EXTENSIONS)) == NULL)
+		return 0;
+	s->tlsext_build_order_len = N_TLS_EXTENSIONS;
+
 	for (idx = 0; idx < N_TLS_EXTENSIONS; idx++)
 		s->tlsext_build_order[idx] = &tls_extensions[idx];