From a13d744d2ea391e7bd2314a747493d969c3caf5a Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Wed, 11 Sep 2013 11:38:34 +0200
Subject: [PATCH] Fixed potential heap buffer overflow on large hostname
 setting (cherry picked from commit 75c1a6f97c9b25b71bcc95b158bc673f6db04400)

Conflicts:
	library/ssl_tls.c
---
 library/ssl_tls.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index cde6795f9..fd5b5a33b 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3239,6 +3239,10 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname )
         return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
 
     ssl->hostname_len = strlen( hostname );
+
+    if( ssl->hostname_len + 1 == 0 )
+        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+
     ssl->hostname = (unsigned char *) malloc( ssl->hostname_len + 1 );
 
     if( ssl->hostname == NULL )
@@ -3246,7 +3250,7 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname )
 
     memcpy( ssl->hostname, (const unsigned char *) hostname,
             ssl->hostname_len );
-    
+
     ssl->hostname[ssl->hostname_len] = '\0';
 
     return( 0 );