From c7e7699f1aa40fa1d15d96efa11c207e8c6fc853 Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner <douzzer@wolfssl.com>
Date: Tue, 3 Dec 2024 11:38:58 -0600
Subject: [PATCH] src/ssl_sess.c: in wolfSSL_CTX_flush_sessions(), add missing
 check of s->sessionIDSz, similar to the fix to TlsSessionCacheGetAndLock() in
 #8182 (ef67b1c06a).  also, add missing macro to .wolfssl_known_macro_extras.

---
 .wolfssl_known_macro_extras | 1 +
 src/ssl_sess.c              | 1 +
 2 files changed, 2 insertions(+)

diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras
index 6ec0d4cade..e691433d8f 100644
--- a/.wolfssl_known_macro_extras
+++ b/.wolfssl_known_macro_extras
@@ -463,6 +463,7 @@ STM32L475xx
 STM32L4A6xx
 STM32L552xx
 STM32L562xx
+STM32MP135Fxx
 STM32U575xx
 STM32U585xx
 STM32U5A9xx
diff --git a/src/ssl_sess.c b/src/ssl_sess.c
index 2f317f5ee7..9a04cc78be 100644
--- a/src/ssl_sess.c
+++ b/src/ssl_sess.c
@@ -843,6 +843,7 @@ void wolfSSL_CTX_flush_sessions(WOLFSSL_CTX* ctx, long tm)
 #ifdef SESSION_CACHE_DYNAMIC_MEM
                 s != NULL &&
 #endif
+                s->sessionIDSz == ID_LEN &&
                 XMEMCMP(s->sessionID, id, ID_LEN) != 0 &&
                 s->bornOn + s->timeout < (word32)tm
                 )