)]}'
{
  "commit": "a3d831b9e67cb8521073dfe7f15b07c53f9294c7",
  "tree": "e55ae60c2a5718cc375ae64b60e77028fb5b1a32",
  "parents": [
    "f5fa0aa664aa3ef4c23adab35919850cc7c826de"
  ],
  "author": {
    "name": "Manuel Pégourié-Gonnard",
    "email": "manuel.pegourie-gonnard@arm.com",
    "time": "Thu May 23 12:28:45 2019 +0200"
  },
  "committer": {
    "name": "Jarno Lamsa",
    "email": "jarno.lamsa@arm.com",
    "time": "Fri Aug 23 12:48:41 2019 +0300"
  },
  "message": "Add test for session_load() from small buffers\n\nThis uncovered a bug that led to a double-free (in practice, in general could\nbe free() on any invalid value): initially the session structure is loaded\nwith `memcpy()` which copies the previous values of pointers peer_cert and\nticket to heap-allocated buffers (or any other value if the input is\nattacker-controlled). Now if we exit before we got a chance to replace those\ninvalid values with valid ones (for example because the input buffer is too\nsmall, or because the second malloc() failed), then the next call to\nsession_free() is going to call free() on invalid pointers.\n\nThis bug is fixed in this commit by always setting the pointers to NULL right\nafter they\u0027ve been read from the serialised state, so that the invalid values\ncan never be used.\n\n(An alternative would be to NULL-ify them when writing, which was rejected\nmostly because we need to do it when reading anyway (as the consequences of\nfree(invalid) are too severe to take any risk), so doing it when writing as\nwell is redundant and a waste of code size.)\n\nAlso, while thinking about what happens in case of errors, it became apparent\nto me that it was bad practice to leave the session structure in a\nhalf-initialised state and rely on the caller to call session_free(), so this\ncommit also ensures we always clear the structure when loading failed.\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "6f9203daa499b3e1bd1d22972b224f921e375501",
      "old_mode": 33188,
      "old_path": "library/ssl_tls.c",
      "new_id": "cc70510cb8e85ac2f9eb90ae578c3cda979cac9f",
      "new_mode": 33188,
      "new_path": "library/ssl_tls.c"
    },
    {
      "type": "modify",
      "old_id": "b166a9a93a7510d4b374dc3c28baaa99a9e2b5f5",
      "old_mode": 33188,
      "old_path": "tests/suites/test_suite_ssl.data",
      "new_id": "d41fcd01dc394dfb8f4b700dd45ef5bfea272fae",
      "new_mode": 33188,
      "new_path": "tests/suites/test_suite_ssl.data"
    },
    {
      "type": "modify",
      "old_id": "61ff41608150def4605f97213f2f77a47d2117b2",
      "old_mode": 33188,
      "old_path": "tests/suites/test_suite_ssl.function",
      "new_id": "8a184d0f877276c2dc1f089db86bb44a8726102e",
      "new_mode": 33188,
      "new_path": "tests/suites/test_suite_ssl.function"
    }
  ]
}
