[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Kurt Roeckx kurt at openssl.org
Thu Dec 8 19:23:46 UTC 2016


The branch OpenSSL_1_1_0-stable has been updated
       via  c1f138c194d7d7dddb74c3a41215e8de638d7a26 (commit)
      from  e01cee6d8fbba09dc811af91a5e24dab95fc66a1 (commit)


- Log -----------------------------------------------------------------
commit c1f138c194d7d7dddb74c3a41215e8de638d7a26
Author: Kurt Roeckx <kurt at roeckx.be>
Date:   Thu Dec 8 19:20:55 2016 +0100

    Only call memcpy when the length is larger than 0.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    GH: #2050
    (cherry picked from commit a19fc66a6b5f99ad00305e152bdb41460d728640)

-----------------------------------------------------------------------

Summary of changes:
 ssl/statem/statem_clnt.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 5ea0919..a7cf227 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -1022,8 +1022,9 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt)
         s->session->ssl_version = s->version;
         s->session->session_id_length = session_id_len;
         /* session_id_len could be 0 */
-        memcpy(s->session->session_id, PACKET_data(&session_id),
-               session_id_len);
+        if (session_id_len > 0)
+            memcpy(s->session->session_id, PACKET_data(&session_id),
+                   session_id_len);
     }
 
     /* Session version and negotiated protocol version should match */


More information about the openssl-commits mailing list