WolfSSL
/
wolfssljni
mirror of https://github.com/wolfSSL/wolfssljni.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #258 from cconlon/nativeALPNSelectCbXSTRTOKFix 

Null terminate `NativeALPNSelectCb()` peer protocol list before XSTRTOK
pull/260/head
JacobBarthelmeh 2025-04-29 15:33:20 -06:00 committed by GitHub
parent e858d7590d d466ff16e4
commit 994950fffb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
native/com_wolfssl_WolfSSLSession.c
View File

@ -4946,7 +4946,9 @@ int NativeALPNSelectCb(WOLFSSL *ssl, const unsigned char **out,
/* Use wolfSSL_ALPN_GetPeerProtocol() here to get ALPN protocols sent /* Use wolfSSL_ALPN_GetPeerProtocol() here to get ALPN protocols sent
* by the peer instead of directly using in/inlen, since this API * by the peer instead of directly using in/inlen, since this API
* splits/formats into a comma-separated, null-terminated list */ * splits/formats into a comma-separated list. peerProtosSz does not
* include the null terminator byte in the size. It is only the size
* of the ALPN list chars proper.*/
ret = wolfSSL_ALPN_GetPeerProtocol(ssl, &peerProtos, &peerProtosSz); ret = wolfSSL_ALPN_GetPeerProtocol(ssl, &peerProtos, &peerProtosSz);
if (ret != WOLFSSL_SUCCESS) { if (ret != WOLFSSL_SUCCESS) {
if ((*jenv)->ExceptionOccurred(jenv)) { if ((*jenv)->ExceptionOccurred(jenv)) {
@ -4962,8 +4964,9 @@ int NativeALPNSelectCb(WOLFSSL *ssl, const unsigned char **out,
} }
/* Make a copy of peer protos since we have to scan through it first /* Make a copy of peer protos since we have to scan through it first
* to get total number of tokens */ * to get total number of tokens. Allocate peerProtosSz+1 to make
peerProtosCopy = (char*)XMALLOC(peerProtosSz, NULL, * sure our list is null terminated for XSTRTOK(). */
peerProtosCopy = (char*)XMALLOC(peerProtosSz + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (peerProtosCopy == NULL) { if (peerProtosCopy == NULL) {
if ((*jenv)->ExceptionOccurred(jenv)) { if ((*jenv)->ExceptionOccurred(jenv)) {
@ -4977,6 +4980,7 @@ int NativeALPNSelectCb(WOLFSSL *ssl, const unsigned char **out,
} }
return SSL_TLSEXT_ERR_ALERT_FATAL; return SSL_TLSEXT_ERR_ALERT_FATAL;
} }
XMEMSET(peerProtosCopy, 0, peerProtosSz + 1);
XMEMCPY(peerProtosCopy, peerProtos, peerProtosSz); XMEMCPY(peerProtosCopy, peerProtos, peerProtosSz);
/* get count of protocols, used to create Java array of proper size */ /* get count of protocols, used to create Java array of proper size */