commit e4d14208aa3bd6573514dfbea3ac3181f1bb8ad0
author Jaeden Amero <jaeden.amero@arm.com> Fri Aug 17 15:31:58 2018 +0100
committer Jaeden Amero <jaeden.amero@arm.com> Fri Aug 17 15:31:58 2018 +0100
tree cd56d950f2716de1712e167684a1b2836c1fd0e5
parent ab397dd47cfb75ac41919d9f6368de4c95c618d1
parent 7e84affb4580554dfb882fd2acfd89a3d15afb95

Merge remote-tracking branch 'upstream-public/pr/1953' into mbedtls-2.7

ChangeLog

diff --git a/ChangeLog b/ChangeLog
index d287c5f..78e9ebf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,8 @@
    * Add ecc extensions only if an ecc based ciphersuite is used.
      This improves compliance to RFC 4492, and as a result, solves
      interoperability issues with BouncyCastle. Raised by milenamil in #1157.
+   * Fix potential use-after-free in mbedtls_ssl_get_max_frag_len()
+     and mbedtls_ssl_get_record_expansion() after a session reset. Fixes #1941.
 
 Changes
    * Improve compatibility with some alternative CCM implementations by using

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index ca9b8c4..716eabe 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5911,7 +5911,11 @@
     ssl->transform_in = NULL;
     ssl->transform_out = NULL;
 
+    ssl->session_in = NULL;
+    ssl->session_out = NULL;
+
     memset( ssl->out_buf, 0, MBEDTLS_SSL_BUFFER_LEN );
+
     if( partial == 0 )
         memset( ssl->in_buf, 0, MBEDTLS_SSL_BUFFER_LEN );
 
@@ -6687,14 +6691,14 @@
     size_t transform_expansion;
     const mbedtls_ssl_transform *transform = ssl->transform_out;
 
+    if( transform == NULL )
+        return( (int) mbedtls_ssl_hdr_len( ssl ) );
+
 #if defined(MBEDTLS_ZLIB_SUPPORT)
     if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL )
         return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
 #endif
 
-    if( transform == NULL )
-        return( (int) mbedtls_ssl_hdr_len( ssl ) );
-
     switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
     {
         case MBEDTLS_MODE_GCM: