From ff902a2ab8de41d828e44691e4fcd5e828a0ee2c Mon Sep 17 00:00:00 2001
From: miod <>
Date: Mon, 26 May 2014 20:54:06 +0000
Subject: Replace the following logic:

        if (nothing to allocate)
                ptr = malloc(1)
        else {
                if ((ptr = malloc(size to allocate))
                        memcpy(ptr, data to copy, size to allocate)
        }

        if (ptr == NULL)
                OMG ERROR

with a saner logic where the NULL pointer check if moved to the actual
malloc branch, so that we do not need to malloc a single byte, just to avoid
having a NULL pointer.

Whoever thought allocating a single byte was a smart idea was obviously
not taking his meds.

ok beck@ guenther@
---
 src/lib/libssl/s3_lib.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

(limited to 'src/lib/libssl/s3_lib.c')

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 8b67e7c36a..d8a186040b 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -2633,16 +2633,18 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		if (s->tlsext_opaque_prf_input != NULL)
 			free(s->tlsext_opaque_prf_input);
 		if ((size_t)larg == 0) {
-			/* dummy byte just to get non-NULL */
-			s->tlsext_opaque_prf_input = malloc(1);
-		} else
+			s->tlsext_opaque_prf_input = NULL;
+			s->tlsext_opaque_prf_input_len = 0;
+			ret = 1;
+		} else {
 			s->tlsext_opaque_prf_input =
 			    BUF_memdup(parg, (size_t)larg);
-		if (s->tlsext_opaque_prf_input != NULL) {
-			s->tlsext_opaque_prf_input_len = (size_t)larg;
-			ret = 1;
-		} else
-			s->tlsext_opaque_prf_input_len = 0;
+			if (s->tlsext_opaque_prf_input != NULL) {
+				s->tlsext_opaque_prf_input_len = (size_t)larg;
+				ret = 1;
+			} else
+				s->tlsext_opaque_prf_input_len = 0;
+		}
 		break;
 #endif
 
-- 
cgit v1.2.3-55-g6feb