diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-02-04 19:24:50 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-02-04 19:24:50 +0100 |
| commit | ad25556335796c8d4d5393d1a801f550695e5101 (patch) | |
| tree | 175df1e5675b9c9b8428e55df4a00cd4de40a623 | |
| parent | b94c3e7c6e8fba6a66a83efabd6376726eac3ba6 (diff) | |
| download | gnutls-ad25556335796c8d4d5393d1a801f550695e5101.tar.gz | |
Added a magic number in front session DB data.
| -rw-r--r-- | lib/gnutls_db.c | 12 | ||||
| -rw-r--r-- | lib/gnutls_db.h | 2 | ||||
| -rw-r--r-- | lib/gnutls_session_pack.c | 7 |
3 files changed, 19 insertions, 2 deletions
diff --git a/lib/gnutls_db.c b/lib/gnutls_db.c index 572e8204b2..1ef7e73650 100644 --- a/lib/gnutls_db.c +++ b/lib/gnutls_db.c @@ -156,16 +156,24 @@ gnutls_db_check_entry (gnutls_session_t session, gnutls_datum_t session_entry) * This function returns the time that this entry was active. * It can be used for database entry expiration. * + * Returns: The time this entry was created, or zero on error. **/ time_t gnutls_db_check_entry_time (gnutls_datum_t *entry) { uint32_t t; +uint32_t magic; - if (entry->size < 4) + if (entry->size < 8) return gnutls_assert_val(0); - memcpy(&t, entry->data, 4); + memcpy(&magic, entry->data, 4); + + if (magic != PACKED_SESSION_MAGIC) + return gnutls_assert_val(0); + + memcpy(&t, &entry->data[4], 4); + return t; } diff --git a/lib/gnutls_db.h b/lib/gnutls_db.h index 98302417d8..ca698e4a2d 100644 --- a/lib/gnutls_db.h +++ b/lib/gnutls_db.h @@ -24,3 +24,5 @@ int _gnutls_server_register_current_session (gnutls_session_t session); int _gnutls_server_restore_session (gnutls_session_t session, uint8_t * session_id, int session_id_size); + +#define PACKED_SESSION_MAGIC 0xfadebade diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c index e221c40867..b7a5f8b3b6 100644 --- a/lib/gnutls_session_pack.c +++ b/lib/gnutls_session_pack.c @@ -42,6 +42,7 @@ #include <gnutls_constate.h> #include <algorithms.h> #include <gnutls_state.h> +#include <gnutls_db.h> static int pack_certificate_auth_info (gnutls_session_t, gnutls_buffer_st * packed_session); @@ -97,6 +98,7 @@ _gnutls_session_pack (gnutls_session_t session, id = gnutls_auth_get_type (session); /* first is the timestamp */ + BUFFER_APPEND_NUM(&sb, PACKED_SESSION_MAGIC); BUFFER_APPEND_NUM(&sb, session->security_parameters.timestamp); BUFFER_APPEND (&sb, &id, 1); @@ -178,6 +180,7 @@ _gnutls_session_unpack (gnutls_session_t session, { int ret; gnutls_buffer_st sb; + uint32_t magic; uint8_t id; _gnutls_buffer_init (&sb); @@ -203,6 +206,10 @@ _gnutls_session_unpack (gnutls_session_t session, } /* the timestamp is first */ + BUFFER_POP_NUM (&sb, magic); + if (magic != PACKED_SESSION_MAGIC) + return gnutls_assert_val(GNUTLS_E_DB_ERROR); + BUFFER_POP_NUM (&sb, session->internals.resumed_security_parameters.timestamp); BUFFER_POP (&sb, &id, 1); |