mbedtls/tests
Manuel Pégourié-Gonnard a3d831b9e6 Add test for session_load() from small buffers
This uncovered a bug that led to a double-free (in practice, in general could
be free() on any invalid value): initially the session structure is loaded
with `memcpy()` which copies the previous values of pointers peer_cert and
ticket to heap-allocated buffers (or any other value if the input is
attacker-controlled). Now if we exit before we got a chance to replace those
invalid values with valid ones (for example because the input buffer is too
small, or because the second malloc() failed), then the next call to
session_free() is going to call free() on invalid pointers.

This bug is fixed in this commit by always setting the pointers to NULL right
after they've been read from the serialised state, so that the invalid values
can never be used.

(An alternative would be to NULL-ify them when writing, which was rejected
mostly because we need to do it when reading anyway (as the consequences of
free(invalid) are too severe to take any risk), so doing it when writing as
well is redundant and a waste of code size.)

Also, while thinking about what happens in case of errors, it became apparent
to me that it was bad practice to leave the session structure in an
half-initialised state and rely on the caller to call session_free(), so this
commit also ensures we always clear the structure when loading failed.
2019-08-23 12:48:41 +03:00
..
.jenkins Add Jenkinsfile for PR job 2018-10-19 15:25:10 +01:00
data_files Update certificates to expire in 2029 2019-07-10 16:46:34 +03:00
docker/bionic Improve compatibility with firewalled networks 2019-06-29 17:45:34 -05:00
git-scripts Merge development commit 8e76332 into development-psa 2019-01-31 08:20:20 -05:00
scripts check-names: Consider crypto-sourced header files 2019-08-15 15:24:26 +01:00
suites Add test for session_load() from small buffers 2019-08-23 12:48:41 +03:00
.gitignore Move some ignore patterns to subdirectories 2015-01-28 15:33:23 +00:00
CMakeLists.txt Move fuzz directory to programs 2019-06-27 08:46:45 +02:00
compat-in-docker.sh Clean up file prologue comments 2019-06-29 17:45:34 -05:00
compat.sh Exclude DTLS 1.2 only with older OpenSSL 2019-08-13 10:36:14 +02:00
Descriptions.txt Add selftest program to the list of tests 2014-04-04 16:33:01 +02:00
make-in-docker.sh Clean up file prologue comments 2019-06-29 17:45:34 -05:00
Makefile Remove redundant compiler flag 2019-07-02 20:05:20 +02:00
ssl-opt-in-docker.sh Clean up file prologue comments 2019-06-29 17:45:34 -05:00
ssl-opt.sh Add tests for session copy without serialisation 2019-08-23 12:48:41 +03:00