Fixed potential heap buffer overflow on large hostname setting

(cherry picked from commit 75c1a6f97c) Conflicts: library/ssl_tls.c
2025-01-09 03:05:33 +00:00 · 2013-09-11 11:38:34 +02:00 · 2013-09-11 11:38:34 +02:00 · a13d744d2e
parent fe7c24caa6
commit a13d744d2e
1 changed files with 5 additions and 1 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -3239,6 +3239,10 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname )
        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );

    ssl->hostname_len = strlen( hostname );
+
+    if( ssl->hostname_len + 1 == 0 )
+        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+
    ssl->hostname = (unsigned char *) malloc( ssl->hostname_len + 1 );

    if( ssl->hostname == NULL )
@ -3246,7 +3250,7 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname )

    memcpy( ssl->hostname, (const unsigned char *) hostname,
            ssl->hostname_len );
-    
+
    ssl->hostname[ssl->hostname_len] = '\0';

    return( 0 );