Only call memcpy when the length is larger than 0.

Reviewed-by: N Rich Salz <rsalz@openssl.org> GH: #2050

Only call memcpy when the length is larger than 0.
Reviewed-by: N Rich Salz <rsalz@openssl.org> GH: #2050
a19fc66a · Kurt Roeckx · 120fb9e4 · a19fc66a
隐藏空白更改
内联并排

Showing with 3 addition and 2 deletion

ssl/statem/statem_clnt.c ssl/statem/statem_clnt.c +3 -2

未找到文件。
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -1186,8 +1186,9 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt)
        s->session->ssl_version = s->version;
        s->session->session_id_length = session_id_len;
        /* session_id_len could be 0 */
-        memcpy(s->session->session_id, PACKET_data(&session_id),
-               session_id_len);
+        if (session_id_len > 0)
+            memcpy(s->session->session_id, PACKET_data(&session_id),
+                   session_id_len);
    }

    /* Session version and negotiated protocol version should match */