From 06447b58b234be050d405c6c75bfc987c6dcfdf9 Mon Sep 17 00:00:00 2001
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Mon, 23 Aug 2021 11:11:29 +0200
Subject: [PATCH] Avoid using undefined value in
 generate_stateless_cookie_callback

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16384)
---
 apps/lib/s_cb.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
index 245bae6249..c9a611aa3a 100644
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -823,7 +823,8 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
     size_t temp = 0;
     int res = generate_stateless_cookie_callback(ssl, cookie, &temp);
 
-    *cookie_len = (unsigned int)temp;
+    if (res != 0)
+        *cookie_len = (unsigned int)temp;
     return res;
 }
 
-- 
2.34.1