Do not overallocate for tmp.ciphers_raw

Well, not as much, at least. Commit 07afdf3c changed things so that for SSLv2 format ClientHellos we store the cipher list in the TLS format, i.e., with two bytes per cipher, to be consistent with historical behavior. However, the space allocated for the array still performed the computation with three bytes per cipher, a needless over-allocation (though a relatively small one, all things considered). Reviewed-by: N Rich Salz <rsalz@openssl.org> Reviewed-by: N Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2281)

Do not overallocate for tmp.ciphers_raw
Well, not as much, at least. Commit 07afdf3c changed things so that for SSLv2 format ClientHellos we store the cipher list in the TLS format, i.e., with two bytes per cipher, to be consistent with historical behavior. However, the space allocated for the array still performed the computation with three bytes per cipher, a needless over-allocation (though a relatively small one, all things considered). Reviewed-by: N Rich Salz <rsalz@openssl.org> Reviewed-by: N Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2281)
f1429b85 · Benjamin Kaduk · Matt Caswell · 52ad5b60 · f1429b85
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

ssl/statem/statem_srvr.c ssl/statem/statem_srvr.c +2 -1

未找到文件。
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3470,7 +3470,8 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,
         * slightly over allocate because we won't store those. But that isn't a
         * problem.
         */
-        raw = s->s3->tmp.ciphers_raw = OPENSSL_malloc(numciphers * n);
+        raw = OPENSSL_malloc(numciphers * TLS_CIPHER_LEN);
+        s->s3->tmp.ciphers_raw = raw;
        if (raw == NULL) {
            *al = SSL_AD_INTERNAL_ERROR;
            goto err;