Assert that alpn_selected is NULL before we assign it (9d5db9c9) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/statem/extensions_clnt.c

+9 −1

Original line number	Diff line number	Diff line
		@@ -1679,7 +1679,15 @@ int tls_parse_stoc_alpn(SSL s, PACKET pkt, unsigned int context, X509 *x,
		s->ext.early_data_ok = 0;
		}
		if (!s->hit) {
		/* If a new session then update it with the selected ALPN */
		/*
		* This is a new session and so alpn_selected should have been
		* initialised to NULL. We should update it with the selected ALPN.
		*/
		if (!ossl_assert(s->session->ext.alpn_selected == NULL)) {
		SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN,
		ERR_R_INTERNAL_ERROR);
		return 0;
		}
		s->session->ext.alpn_selected =
		OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len);
		if (s->session->ext.alpn_selected == NULL) {

+11 −1

Original line number	Diff line number	Diff line
		@@ -2100,7 +2100,17 @@ int tls_handle_alpn(SSL *s)
		s->ext.early_data_ok = 0;

		if (!s->hit) {
		/* If a new session update it with the new ALPN value */
		/*
		* This is a new session and so alpn_selected should have
		* been initialised to NULL. We should update it with the
		* selected ALPN.
		*/
		if (!ossl_assert(s->session->ext.alpn_selected == NULL)) {
		SSLfatal(s, SSL_AD_INTERNAL_ERROR,
		SSL_F_TLS_HANDLE_ALPN,
		ERR_R_INTERNAL_ERROR);
		return 0;
		}
		s->session->ext.alpn_selected = OPENSSL_memdup(selected,
		selected_len);
		if (s->session->ext.alpn_selected == NULL) {