From: tb Date: Tue, 7 Jun 2022 17:49:22 +0000 (+0000) Subject: Use CBS_write_bytes() instead of manual unpacking of a CBS and assigning X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=dcb88a9cc755967205040f811060ec1efb7fbf42;p=openbsd Use CBS_write_bytes() instead of manual unpacking of a CBS and assigning length and using memcpy(). This also provides a missing overflow check (which is done by the only caller, however). ok jsing --- diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c index 504c4021055..fcb259f6a29 100644 --- a/lib/libssl/ssl_sess.c +++ b/lib/libssl/ssl_sess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sess.c,v 1.115 2022/06/07 17:45:13 tb Exp $ */ +/* $OpenBSD: ssl_sess.c,v 1.116 2022/06/07 17:49:22 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -435,8 +435,10 @@ ssl_session_from_cache(SSL *s, CBS *session_id) memset(&data, 0, sizeof(data)); data.ssl_version = s->version; - data.session_id_length = CBS_len(session_id); - memcpy(data.session_id, CBS_data(session_id), CBS_len(session_id)); + + if (!CBS_write_bytes(session_id, data.session_id, + sizeof(data.session_id), &data.session_id_length)) + return NULL; CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); sess = lh_SSL_SESSION_retrieve(s->session_ctx->internal->sessions, &data);