Add warning about a potential pitfall with WPACKET_allocate_bytes()

If the underlying BUF_MEM gets realloc'd then the pointer returned could become invalid. Therefore we should always ensure that the allocated memory is filled in prior to any more WPACKET_* calls. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-09-21 11:20:18 +0100
committer: Matt Caswell <matt@openssl.org> 2016-09-22 23:12:38 +0100
commit: 4b0fc9fc7a8767f3e6289b2b9f4527db186b3566 (patch)
tree: a1f727298be9f459f2900f4a681b3e7eebc31a6c /ssl/packet.c
parent: f3b3d7f0033080f86ede5a53e8af2fb313091b5a (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/packet.c b/ssl/packet.c
index 6199469969..0e8e8764dd 100644
--- a/ssl/packet.c
+++ b/ssl/packet.c
@@ -224,6 +224,7 @@ int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes)
 
     if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars))
         return 0;
+    /* Convert to an offset in case the underlying BUF_MEM gets realloc'd */
     sub->packet_len = lenchars - (unsigned char *)pkt->buf->data;
 
     return 1;
author	Matt Caswell <matt@openssl.org>	2016-09-21 11:20:18 +0100
committer	Matt Caswell <matt@openssl.org>	2016-09-22 23:12:38 +0100
commit	4b0fc9fc7a8767f3e6289b2b9f4527db186b3566 (patch)
tree	a1f727298be9f459f2900f4a681b3e7eebc31a6c /ssl/packet.c
parent	f3b3d7f0033080f86ede5a53e8af2fb313091b5a (diff)