From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Mon, 23 Aug 2021 09:11:29 +0000 (+0200)
Subject: Avoid using undefined value in generate_stateless_cookie_callback
X-Git-Tag: OpenSSL_1_1_1m~80
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cf2b1d6f11aa7ec4aa909ff1ecb9bee6892285d9;p=thirdparty%2Fopenssl.git

Avoid using undefined value in generate_stateless_cookie_callback

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16381)
---

diff --git a/apps/s_cb.c b/apps/s_cb.c
index dee1b2e5b4f..d066a423dee 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -819,7 +819,9 @@ int generate_stateless_cookie_callback(SSL *ssl, unsigned char *cookie,
 {
     unsigned int temp;
     int res = generate_cookie_callback(ssl, cookie, &temp);
-    *cookie_len = temp;
+
+    if (res != 0)
+        *cookie_len = temp;
     return res;
 }