Rémy,
On 4/27/22 07:08, r...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new c8ecaa44f6 66035: Add NULL check on the SSL session reference
c8ecaa44f6 is described below
commit c8ecaa44f6a110873bd7bf8b3c2f08354e2900d8
Author: remm <r...@apache.org>
AuthorDate: Wed Apr 27 13:08:08 2022 +0200
66035: Add NULL check on the SSL session reference
Add NULL check on the SSL session reference in the Panama code before
accessing the session id and creation time.
Should this be done in tcnative as well? Or was this intended to be a
belt-and-suspenders check to avoid the problem whether or not it exists
in tcnative?
I think the attached patch ought to do it for tcnative.
-chris
=== CUT ===
diff --git a/native/src/ssl.c b/native/src/ssl.c
index d59246ea3..5329a93da 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -2001,8 +2001,12 @@ TCN_IMPLEMENT_CALL(jbyteArray, SSL,
getSessionId)(TCN_STDARGS, jlong ssl)
}
UNREFERENCED(o);
session = SSL_get_session(ssl_);
- session_id = SSL_SESSION_get_id(session, &len);
+ if (NULL == session) {
+ tcn_ThrowException(e, "ssl session is null");
+ return NULL;
+ }
+ session_id = SSL_SESSION_get_id(session, &len);
if (len == 0 || session_id == NULL) {
return NULL;
}
diff --git a/native/src/sslnetwork.c b/native/src/sslnetwork.c
index 6e5960f91..46b253ec8 100644
--- a/native/src/sslnetwork.c
+++ b/native/src/sslnetwork.c
@@ -689,7 +689,7 @@ TCN_IMPLEMENT_CALL(jint, SSLSocket,
renegotiate)(TCN_STDARGS,
#if defined(SSL_OP_NO_TLSv1_3)
session = SSL_get_session(con->ssl);
- if (SSL_SESSION_get_protocol_version(session) == TLS1_3_VERSION) {
+ if (NULL != session && SSL_SESSION_get_protocol_version(session) ==
TLS1_3_VERSION) {
// TLS 1.3 renegotiation
retVal = SSL_verify_client_post_handshake(con->ssl);
if (retVal <= 0) {
=== CUT ===
---
.../org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java | 7 ++++++-
webapps/docs/changelog.xml | 4 ++++
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index e34759c913..52e0677144 100644
---
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -1568,6 +1568,9 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
var allocator = SegmentAllocator.ofScope(engineScope);
MemorySegment lenPointer =
allocator.allocate(CLinker.C_POINTER);
var session = SSL_get_session(state.ssl);
+ if (MemoryAddress.NULL.equals(session)) {
+ return new byte[0];
+ }
MemoryAddress sessionId = SSL_SESSION_get_id(session,
lenPointer);
int length = MemoryAccess.getInt(lenPointer);
id = (length == 0) ? new byte[0] :
sessionId.asSegment(length, engineScope).toByteArray();
@@ -1589,7 +1592,9 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
synchronized (OpenSSLEngine.this) {
if (!destroyed) {
var session = SSL_get_session(state.ssl);
- creationTime = SSL_SESSION_get_time(session);
+ if (!MemoryAddress.NULL.equals(session)) {
+ creationTime = SSL_SESSION_get_time(session);
+ }
}
}
return creationTime * 1000L;
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 3df044a28f..702914aadd 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -144,6 +144,10 @@
Tomcat will not be running on a JRE where these issues are present.
(markt)
</scode>
+ <fix>
+ <bug>66035</bug>: Add NULL check on the SSL session reference in the
+ Panama code before accessing the session id and creation time. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org