[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Mon Mar 6 09:46:53 UTC 2017
The branch master has been updated
via e6941c7814bb25729d65e1f8e87d1c110a0cbe7e (commit)
from ee7002266cbdcfcfe002c94396795c9fb3d5a337 (commit)
- Log -----------------------------------------------------------------
commit e6941c7814bb25729d65e1f8e87d1c110a0cbe7e
Author: Matt Caswell <matt at openssl.org>
Date: Sat Mar 4 23:58:03 2017 +0000
Don't call memcmp with a NULL pointer
If early data is sent to a server, but ALPN is not used then memcmp is
called with a NULL pointer which is undefined behaviour.
Fixes #2841
Reviewed-by: Kurt Roeckx <kurt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2845)
-----------------------------------------------------------------------
Summary of changes:
ssl/statem/extensions.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 8c4013e..fab9bcb 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -1252,8 +1252,9 @@ static int final_early_data(SSL *s, unsigned int context, int sent, int *al)
|| !s->ext.early_data_ok
|| s->hello_retry_request
|| s->s3->alpn_selected_len != s->session->ext.alpn_selected_len
- || memcmp(s->s3->alpn_selected, s->session->ext.alpn_selected,
- s->s3->alpn_selected_len) != 0){
+ || (s->s3->alpn_selected_len > 0
+ && memcmp(s->s3->alpn_selected, s->session->ext.alpn_selected,
+ s->s3->alpn_selected_len) != 0)) {
s->ext.early_data = SSL_EARLY_DATA_REJECTED;
} else {
s->ext.early_data = SSL_EARLY_DATA_ACCEPTED;
More information about the openssl-commits
mailing list