this change will prevent undefined behavior when src and dst are equal (memcpy),...
authorRoberto Guimaraes <rguimaraes@fastly.com>
Sun, 26 Feb 2017 23:47:40 +0000 (15:47 -0800)
committerRich Salz <rsalz@openssl.org>
Wed, 8 Mar 2017 14:42:29 +0000 (09:42 -0500)
CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2750)

ssl/ssl_sess.c

index 2e69176..ab19497 100644 (file)
@@ -835,7 +835,8 @@ int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
       return 0;
     }
     s->session_id_length = sid_len;
-    memcpy(s->session_id, sid, sid_len);
+    if (sid != s->session_id)
+        memcpy(s->session_id, sid, sid_len);
     return 1;
 }
 
@@ -921,7 +922,8 @@ int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
         return 0;
     }
     s->sid_ctx_length = sid_ctx_len;
-    memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
+    if (sid_ctx != s->sid_ctx)
+        memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
 
     return 1;
 }