this change will prevent undefined behavior when src and dst are equal (memcpy), effectively allowing setting length only in both functions.

CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2750)
author: Roberto Guimaraes <rguimaraes@fastly.com> 2017-02-27 00:47:40 +0100
committer: Rich Salz <rsalz@openssl.org> 2017-03-08 15:42:29 +0100
commit: 6aad9393680ccde591905c8d71da92a241756394 (patch)
tree: bf0e7decdac9225daba68ed0709f500c60e78115 /ssl/ssl_sess.c
parent: Fix no-comp (diff)
download: openssl-6aad9393680ccde591905c8d71da92a241756394.tar.xz
openssl-6aad9393680ccde591905c8d71da92a241756394.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 2e69176b8f..ab194979fc 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -835,7 +835,8 @@ int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
       return 0;
     }
     s->session_id_length = sid_len;
-    memcpy(s->session_id, sid, sid_len);
+    if (sid != s->session_id)
+        memcpy(s->session_id, sid, sid_len);
     return 1;
 }
 
@@ -921,7 +922,8 @@ int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
         return 0;
     }
     s->sid_ctx_length = sid_ctx_len;
-    memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
+    if (sid_ctx != s->sid_ctx)
+        memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
 
     return 1;
 }
author	Roberto Guimaraes <rguimaraes@fastly.com>	2017-02-27 00:47:40 +0100
committer	Rich Salz <rsalz@openssl.org>	2017-03-08 15:42:29 +0100
commit	6aad9393680ccde591905c8d71da92a241756394 (patch)
tree	bf0e7decdac9225daba68ed0709f500c60e78115 /ssl/ssl_sess.c
parent	Fix no-comp (diff)
download	openssl-6aad9393680ccde591905c8d71da92a241756394.tar.xz openssl-6aad9393680ccde591905c8d71da92a241756394.zip