mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix undefined behaviour in the event of a zero length session id

Browse Source 
Don't attempt to memcpy a NULL pointer if the length is 0.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)
This commit is contained in:
Matt Caswell 2024-05-01 11:23:57 +01:00 committed by Tomas Mraz
parent aecaaccaf9
commit 97c6489b39
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ssl/ssl_sess.c
View File

@ -907,8 +907,9 @@ int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
return 0;
}
s->session_id_length = sid_len;
if (sid != s->session_id)
if (sid != s->session_id && sid_len > 0)
memcpy(s->session_id, sid, sid_len);
return 1;
}