diff options
| -rw-r--r-- | lib/ssl/ssl3con.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c index 71d886c24..c1434ef44 100644 --- a/lib/ssl/ssl3con.c +++ b/lib/ssl/ssl3con.c @@ -6824,7 +6824,8 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length) expectedSidLen = 0; } if (sidBytes.len != expectedSidLen || - PORT_Memcmp(buf, sidBytes.data, expectedSidLen) != 0) { + (expectedSidLen > 0 && + PORT_Memcmp(buf, sidBytes.data, expectedSidLen) != 0)) { desc = illegal_parameter; errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO; goto alert_loser; |