TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 324f72ec9c6e77ec4bd215f6d19cd7b7c6e57c58^! / .
commit324f72ec9c6e77ec4bd215f6d19cd7b7c6e57c58[log] [tgz]
authorAndrzej Kurek <andrzej.kurek@arm.com>Wed Sep 29 04:21:21 2021 -0400
committerAndrzej Kurek <andrzej.kurek@arm.com>Wed Sep 29 10:15:52 2021 -0400
tree26e511db0fb4f3fcb56717715a2dd3f2d5e2a148
parent5902cd64e2aa1e3e6be6fde498fa5b3d01fbe4bf [diff]
Fix a bug where the ssl context is used after it's nullified
When not using DEBUG_C, but using the DTLS CID feature -
a null pointer was accessed in ssl_tls.c.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f16157a..821506f 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -693,8 +693,9 @@
     const mbedtls_cipher_info_t *cipher_info;
     const mbedtls_md_info_t *md_info;
 
-#if !defined(MBEDTLS_DEBUG_C)
-    ssl = NULL; /* make sure we don't use it except for this case */
+#if !defined(MBEDTLS_DEBUG_C) && \
+    !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    ssl = NULL; /* make sure we don't use it except for these cases */
     (void) ssl;
 #endif
 

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index f30795c..00939a7 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh

@@ -2083,6 +2083,18 @@
     tests/compat.sh
 }
 
+component_test_CID_no_debug() {
+    msg "build: Connection ID enabled, debug disabled"
+    scripts/config.py unset MBEDTLS_DEBUG_C
+    scripts/config.py set MBEDTLS_SSL_DTLS_CONNECTION_ID
+
+    CC=gcc cmake .
+    make
+
+    msg "test: Connection ID enabled, debug disabled"
+    make test
+}
+
 component_test_ssl_alloc_buffer_and_mfl () {
     msg "build: default config with memory buffer allocator and MFL extension"
     scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C