fix(bindings): tie ClientHello lifetime to Fingerprint#5747
Merged
CarolYeh910 merged 2 commits intomainfrom Feb 18, 2026
Merged
fix(bindings): tie ClientHello lifetime to Fingerprint#5747CarolYeh910 merged 2 commits intomainfrom
CarolYeh910 merged 2 commits intomainfrom
Conversation
kaukabrizvi
approved these changes
Feb 18, 2026
maddeleine
approved these changes
Feb 18, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Goal
Tie the
ClientHellolifetime to the returnedFingerprintin the ClientHello fingerprinting builder.We would like to thank Joshua Rogers (https://joshua.hu/) of AISLE Research Team (https://aisle.com/) for reporting this issue.
Why
Builder::buildpreviously acceptedclient_hello: &ClientHellowith an anonymous lifetime, meaning the borrow checker didn't enforce that theClientHellooutlives theFingerprint. Since the underlying C code holds a raw pointer to theClientHello, a caller could drop theClientHellowhile theFingerprintstill references it.How
Changed the
client_helloparameter from&ClientHelloto&'a ClientHello, binding it to the same lifetime'aas&'a mut selfand the returnedFingerprint<'a>.Callouts
This is a source-compatible change for correct usage. Any existing code where the
ClientHelloalready outlives theFingerprintwill continue to compile. Code that relied on the missing lifetime bound was unsound and will now fail to compile.Testing
compile_fail,E0597doctest verifies the compiler rejects danglingClientHelloreferences.cargo test --manifest-path bindings/rust/extended/s2n-tls/Cargo.toml --features unstable-fingerprint --doc fingerprintBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.