Commit e6941c78 authored by Matt Caswell's avatar Matt Caswell
Browse files

Don't call memcmp with a NULL pointer 



If early data is sent to a server, but ALPN is not used then memcmp is
called with a NULL pointer which is undefined behaviour.

Fixes #2841

Reviewed-by: default avatarKurt Roeckx <kurt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2845)
parent ee700226

ssl/statem/extensions.c

+3 −2
Original line number Diff line number Diff line
@@ -1252,8 +1252,9 @@ static int final_early_data(SSL *s, unsigned int context, int sent, int *al) 
            || !s->ext.early_data_ok

            || s->hello_retry_request

            || s->s3->alpn_selected_len != s->session->ext.alpn_selected_len

            || memcmp(s->s3->alpn_selected, s->session->ext.alpn_selected,

                      s->s3->alpn_selected_len) != 0){

            || (s->s3->alpn_selected_len > 0

                && memcmp(s->s3->alpn_selected, s->session->ext.alpn_selected,

                          s->s3->alpn_selected_len) != 0)) {

        s->ext.early_data = SSL_EARLY_DATA_REJECTED;

    } else {

        s->ext.early_data = SSL_EARLY_DATA_ACCEPTED;