Commit 1bb82930 authored by Bernd Edlinger's avatar Bernd Edlinger
Browse files

Fix array bounds violation in ssl_session_dup 



Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6353)
parent a0abb6a1

ssl/ssl_sess.c

+2 −1
Original line number Diff line number Diff line
@@ -204,7 +204,8 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) 
    if (src->ext.supportedgroups) {

        dest->ext.supportedgroups =

            OPENSSL_memdup(src->ext.supportedgroups,

                           src->ext.supportedgroups_len);

                           src->ext.supportedgroups_len

                                * sizeof(*src->ext.supportedgroups));

        if (dest->ext.supportedgroups == NULL)

            goto err;

    }