From 4fb6c56b94eb03f19b86c1c8a9d323db56bc7cc6 Mon Sep 17 00:00:00 2001 From: Neil Horman Date: Tue, 13 May 2025 10:48:05 -0400 Subject: [PATCH] Add NULL check in ossl_quic_get_peer_token MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit If a peer address hasn't been set on a quic channel yet, we will not yield a token from our hashtable of available tokens. Fail the get_peer_token lookup in that event Fixes #27608 Reviewed-by: Saša Nedvědický Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/27610) (cherry picked from commit 99ea6b38430dc977ba63c832694cdb3c2cb3c2c9) --- ssl/quic/quic_impl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c index 64da2be4afc..5ad5a79157f 100644 --- a/ssl/quic/quic_impl.c +++ b/ssl/quic/quic_impl.c @@ -4893,6 +4893,9 @@ int ossl_quic_get_peer_token(SSL_CTX *ctx, BIO_ADDR *peer, return 0; key = ossl_quic_build_new_token(peer, NULL, 0); + if (key == NULL) + return 0; + ossl_crypto_mutex_lock(c->mutex); tok = lh_QUIC_TOKEN_retrieve(c->cache, key); if (tok != NULL) { -- 2.47.2