From ac4b5af098a7e06c1a26b703e9c2ccb14b239235 Mon Sep 17 00:00:00 2001
From: tb
Date: Wed, 20 Jul 2022 14:13:13 +0000
Subject: [PATCH] Copy alpn_client_proto_list using CBS in SSL_new()

This makes the code both shorter and safer since freeing, allocation, and copying are handled by CBS_stow() internally.

ok jsing
---
 lib/libssl/ssl_lib.c | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index c6a01faa836..02b49670768 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.298 2022/07/20 14:08:49 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.299 2022/07/20 14:13:13 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -240,6 +240,7 @@ SSL *
 SSL_new(SSL_CTX *ctx)
 {
 SSL *s;
+ CBS cbs;

 if (ctx == NULL) {
 SSLerrorx(SSL_R_NULL_SSL_CTX);
@@ -329,17 +330,11 @@ SSL_new(SSL_CTX *ctx)
 ctx->internal->tlsext_supportedgroups_length;
 }

- if (s->ctx->internal->alpn_client_proto_list != NULL) {
- s->internal->alpn_client_proto_list =
- malloc(s->ctx->internal->alpn_client_proto_list_len);
- if (s->internal->alpn_client_proto_list == NULL)
- goto err;
- memcpy(s->internal->alpn_client_proto_list,
- s->ctx->internal->alpn_client_proto_list,
- s->ctx->internal->alpn_client_proto_list_len);
- s->internal->alpn_client_proto_list_len =
- s->ctx->internal->alpn_client_proto_list_len;
- }
+ CBS_init(&cbs, ctx->internal->alpn_client_proto_list,
+ ctx->internal->alpn_client_proto_list_len);
+ if (!CBS_stow(&cbs, &s->internal->alpn_client_proto_list,
+ &s->internal->alpn_client_proto_list_len))
+ goto err;

 s->verify_result = X509_V_OK;

-- 
2.20.1
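Review bot: The `CBS_init()`/`CBS_stow()` pair in the third hunk drops the old `!= NULL` guard, so whether anything is copied now depends on `alpn_client_proto_list_len` alone, and the code relies on the context's pointer and length being consistent (NULL only together with length 0). That invariant is presumably maintained by the setter, which is outside this diff, so it is worth stating at the call site, e.g. `/* ctx list is NULL iff its length is 0; CBS_stow() then leaves the copy NULL with length 0. */`. Because CBS_stow() frees the destination before allocating (per the commit message), the call also assumes `s->internal->alpn_client_proto_list` is still NULL here. The allocation of `s` is not visible in the hunk, and SSL_new()'s body starts and ends outside it.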