[openssl] OpenSSL_1_1_1-stable update

Matt Caswell matt at openssl.org
Fri Apr 19 08:55:54 UTC 2019

The branch OpenSSL_1_1_1-stable has been updated
       via  1711a62686e3d55767ba067a4fd1a18ceec69d3f (commit)
      from  af0bab32273847c14ea7635f714466a5d497905c (commit)

- Log -----------------------------------------------------------------
commit 1711a62686e3d55767ba067a4fd1a18ceec69d3f
Author: dyrock <zeyuany at gmail.com>
Date:   Mon Apr 15 11:01:58 2019 -0500

    Check if num is 0 before trying to malloc memory. Otherwise for client hellos without extensions SSL_client_hello_get1_extensions_present will return MALLOC_FAILURE.
    Reviewed-by: Paul Yang <yang.yang at baishancloud.com>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/8756)
    (cherry picked from commit 6fda11ae5a06e28fd9463e5afb60735d074904b3)


Summary of changes:
 doc/man3/SSL_CTX_set_client_hello_cb.pod | 2 ++
 ssl/ssl_lib.c                            | 5 +++++
 2 files changed, 7 insertions(+)

diff --git a/doc/man3/SSL_CTX_set_client_hello_cb.pod b/doc/man3/SSL_CTX_set_client_hello_cb.pod
index 6824b5b..585127d 100644
--- a/doc/man3/SSL_CTX_set_client_hello_cb.pod
+++ b/doc/man3/SSL_CTX_set_client_hello_cb.pod
@@ -65,6 +65,8 @@ both required, and on success the caller must release the storage allocated for
 B<*out> using OPENSSL_free().  The contents of B<*out> is an array of integers
 holding the numerical value of the TLS extension types in the order they appear
 in the ClientHello.  B<*outlen> contains the number of elements in the array.
+In situations when the ClientHello has no extensions, the function will return
+success with B<*out> set to NULL and B<*outlen> set to 0.
 =head1 NOTES
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 4440a9f..d7e1f32 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -5070,6 +5070,11 @@ int SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen)
         if (ext->present)
+    if (num == 0) {
+        *out = NULL;
+        *outlen = 0;
+        return 1;
+    }
     if ((present = OPENSSL_malloc(sizeof(*present) * num)) == NULL) {

More information about the openssl-commits mailing list