From: Hugo Landau <hlandau@openssl.org>
Date: Mon, 31 Oct 2022 15:48:18 +0000 (+0000)
Subject: QUIC Wire Format Encoding: Fix handling of zero-length parameters
X-Git-Tag: openssl-3.2.0-alpha1~1519
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6946f1184aa4b0e42cc9c502115bf6c5dd72fa90;p=thirdparty%2Fopenssl.git

QUIC Wire Format Encoding: Fix handling of zero-length parameters

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
---

diff --git a/ssl/quic/quic_wire.c b/ssl/quic/quic_wire.c
index bc66f6c592f..8bd1057d0d1 100644
--- a/ssl/quic/quic_wire.c
+++ b/ssl/quic/quic_wire.c
@@ -382,8 +382,12 @@ unsigned char *ossl_quic_wire_encode_transport_param_bytes(WPACKET *pkt,
     unsigned char *b = NULL;
 
     if (!WPACKET_quic_write_vlint(pkt, id)
-            || !WPACKET_quic_write_vlint(pkt, value_len)
-            || !WPACKET_allocate_bytes(pkt, value_len, (unsigned char **)&b))
+        || !WPACKET_quic_write_vlint(pkt, value_len))
+        return NULL;
+
+    if (value_len == 0)
+        b = WPACKET_get_curr(pkt);
+    else if (!WPACKET_allocate_bytes(pkt, value_len, (unsigned char **)&b))
         return NULL;
 
     if (value != NULL)