automatic import of dsoftbusopeneuler20.03

1 files changed, 24 insertions, 0 deletions

diff --git a/third-party-mbedtls-0002-fix-CVE-2021-45451.patch b/third-party-mbedtls-0002-fix-CVE-2021-45451.patch
new file mode 100644
index 0000000..ce1251d
--- /dev/null
+++ b/third-party-mbedtls-0002-fix-CVE-2021-45451.patch
@@ -0,0 +1,24 @@
+From: =?UTF-8?q?=E6=AF=9B=E5=AE=87=E9=94=8B?= <maoyufeng3@huawei.com>
+Date: Mon, 18 Jul 2022 02:20:45 +0000
+Subject: [PATCH] [session] fix a session copy bug fix a possible double
+ reference on 'ticket' when peer_cert/peer_cert_digest calloc failed.
+ Cherry-pick from
+ https://github.com/Mbed-TLS/mbedtls/commit/eb490aabf6a9f47c074ec476d0d4997c2362cdbc
+
+Signed-off-by: maoyufeng <maoyufeng3@huawei.com>
+
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
+index 3c1e9175981c4c0d175af94914e4c8ebb4558fc9..962d6254353e92b8422842362f603228850184b7 100755
+--- a/library/ssl_tls.c
++++ b/library/ssl_tls.c
+@@ -301,6 +301,10 @@ static int ssl_session_copy( mbedtls_ssl_session *dst, const mbedtls_ssl_session
+     mbedtls_ssl_session_free( dst );
+     memcpy( dst, src, sizeof( mbedtls_ssl_session ) );
+ 
++#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
++    dst->ticket = NULL;
++#endif
++
+ #if defined(MBEDTLS_X509_CRT_PARSE_C)
+     if( src->peer_cert != NULL )
+     {