From: Neil Horman <nhorman@openssl.org>
Date: Tue, 13 May 2025 14:48:05 +0000 (-0400)
Subject: Add NULL check in ossl_quic_get_peer_token
X-Git-Tag: openssl-3.5.1~107
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4fb6c56b94eb03f19b86c1c8a9d323db56bc7cc6;p=thirdparty%2Fopenssl.git

Add NULL check in ossl_quic_get_peer_token

If a peer address hasn't been set on a quic channel yet, we will not
yield a token from our hashtable of available tokens.  Fail the
get_peer_token lookup in that event

Fixes #27608

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27610)

(cherry picked from commit 99ea6b38430dc977ba63c832694cdb3c2cb3c2c9)
---

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 64da2be4afc..5ad5a79157f 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -4893,6 +4893,9 @@ int ossl_quic_get_peer_token(SSL_CTX *ctx, BIO_ADDR *peer,
         return 0;
 
     key = ossl_quic_build_new_token(peer, NULL, 0);
+    if (key == NULL)
+        return 0;
+
     ossl_crypto_mutex_lock(c->mutex);
     tok = lh_QUIC_TOKEN_retrieve(c->cache, key);
     if (tok != NULL) {