Assert that alpn_selected is NULL before we assign it

The alpn_selected value in the session should be NULL before we first populate it if this is a new session. We assert to make sure it is. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5715)
author: Matt Caswell <matt@openssl.org> 2018-03-21 20:19:37 +0000
committer: Matt Caswell <matt@openssl.org> 2018-03-27 16:19:17 +0100
commit: 9d5db9c9ab9b9f2f2a5ce9795405e8334cd2ce66 (patch)
tree: 774ec2fae08e9a38d96260763d38de5e19b97f90 /ssl/statem/extensions_clnt.c
parent: 53c9818e970fc0c22d77e19fda3b3e6f6c9e759d (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 5c360042ae..e4a5b3cddc 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1679,7 +1679,15 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         s->ext.early_data_ok = 0;
     }
     if (!s->hit) {
-        /* If a new session then update it with the selected ALPN */
+        /*
+         * This is a new session and so alpn_selected should have been
+         * initialised to NULL. We should update it with the selected ALPN.
+         */
+        if (!ossl_assert(s->session->ext.alpn_selected == NULL)) {
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN,
+                     ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
         s->session->ext.alpn_selected =
             OPENSSL_memdup(s->s3->alpn_selected, s->s3->alpn_selected_len);
         if (s->session->ext.alpn_selected == NULL) {
author	Matt Caswell <matt@openssl.org>	2018-03-21 20:19:37 +0000
committer	Matt Caswell <matt@openssl.org>	2018-03-27 16:19:17 +0100
commit	9d5db9c9ab9b9f2f2a5ce9795405e8334cd2ce66 (patch)
tree	774ec2fae08e9a38d96260763d38de5e19b97f90 /ssl/statem/extensions_clnt.c
parent	53c9818e970fc0c22d77e19fda3b3e6f6c9e759d (diff)