From e1c6bc1ba372ea46cf37964f1bbfd29e6099f401 Mon Sep 17 00:00:00 2001
From: Niels Dossche <niels.dossche@ugent.be>
Date: Thu, 21 Aug 2025 13:24:01 +0200
Subject: [PATCH] Fix reallocation failure condition in qtx_resize_txe()
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Returning the same pointer does not mean that the reallocation failed,
it would also prevent updating alloc_len down below.
This is similar code and a similar change to 043a41ddee.

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28317)

(cherry picked from commit 220f5be6908631759d56c7a6458be8385d984260)
---
 ssl/quic/quic_record_tx.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ssl/quic/quic_record_tx.c b/ssl/quic/quic_record_tx.c
index ef93a14f94a..ae37353a9b2 100644
--- a/ssl/quic/quic_record_tx.c
+++ b/ssl/quic/quic_record_tx.c
@@ -279,12 +279,12 @@ static TXE *qtx_resize_txe(OSSL_QTX *qtx, TXE_LIST *txl, TXE *txe, size_t n)
      * data.
      */
     txe2 = OPENSSL_realloc(txe, sizeof(TXE) + n);
-    if (txe2 == NULL || txe == txe2) {
+    if (txe2 == NULL) {
         if (p == NULL)
             ossl_list_txe_insert_head(txl, txe);
         else
             ossl_list_txe_insert_after(txl, p, txe);
-        return txe2;
+        return NULL;
     }
 
     if (p == NULL)
-- 
2.47.3