author | Benjamin Beurdouche <bbeurdouche@mozilla.com> | 2020-07-02 15:40:08 +0000 |
---|---|---|
committer | Benjamin Beurdouche <bbeurdouche@mozilla.com> | 2020-07-02 15:40:08 +0000 |
commit | 40ebd16d10b050a73ba7833425872aaaf4802217 (patch) | |
tree | 2f14d126076b8fd0e4bfa097d169cd5fbb5db96f | |
parent | cccae6c55fae06569bada2dcbf7b5ff0d3adabb8 (diff) | |
download | nss-hg-40ebd16d10b050a73ba7833425872aaaf4802217.tar.gz |
Bug 1649316 - Prevent memcmp to be called with a zero length in ssl/ssl3con.c:6621 r=kjacobs
Differential Revision: https://phabricator.services.mozilla.com/D81667
-rw-r--r-- | lib/ssl/ssl3con.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c index 930635850..b6218296d 100644 --- a/lib/ssl/ssl3con.c +++ b/lib/ssl/ssl3con.c @@ -6618,7 +6618,7 @@ ssl_CheckServerSessionIdCorrectness(sslSocket *ss, SECItem *sidBytes) * fake. Check for the real value. */ if (sentRealSid) { sidMatch = (sidBytes->len == sid->u.ssl3.sessionIDLength) && - PORT_Memcmp(sid->u.ssl3.sessionID, sidBytes->data, sidBytes->len) == 0; + (!sidBytes->len || PORT_Memcmp(sid->u.ssl3.sessionID, sidBytes->data, sidBytes->len) == 0); } else { /* Otherwise, the session ID was a fake if TLS 1.3 compat mode is * enabled. If so, check for the fake value. */ |
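Review bot: The new `!sidBytes->len ||` guard in the `sentRealSid` branch of `ssl_CheckServerSessionIdCorrectness` carries no comment saying why a zero-length compare has to be skipped, so a later cleanup could fold it back into the plain `PORT_Memcmp(...) == 0` form. A one-line comment above the assignment stating the reason (for example, that the pointers are not guaranteed to be valid when the length is 0, if that is what the bug report showed) would keep it in place. The result of the expression is unchanged by the guard: when both lengths are 0 the match is true, as a zero-length compare would also have reported, so it is worth confirming that an empty session ID with `sentRealSid` set is meant to count as a match. The `else` branch that checks the fake value is cut off in this context, so check whether its comparison takes a length from the same `sidBytes` and needs the same guard.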