From 696de86f8edefdf885a665ed9166ee2432f2ee30 Mon Sep 17 00:00:00 2001 From: Peter Wu Date: Tue, 20 Mar 2018 23:47:06 +0100 Subject: [PATCH] Fix stack-use-after-scope Fixes regression from #5667. Reviewed-by: Paul Dale Reviewed-by: Ben Kaduk Reviewed-by: Rich Salz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/5701) --- ssl/statem/extensions_clnt.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index bebf73a49c..5c360042ae 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -744,6 +744,9 @@ EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, size_t chainidx) { +#ifndef OPENSSL_NO_PSK + char identity[PSK_MAX_IDENTITY_LEN + 1]; +#endif /* OPENSSL_NO_PSK */ const unsigned char *id = NULL; size_t idlen = 0; SSL_SESSION *psksess = NULL; @@ -765,7 +768,6 @@ EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt, #ifndef OPENSSL_NO_PSK if (psksess == NULL && s->psk_client_callback != NULL) { - char identity[PSK_MAX_IDENTITY_LEN + 1]; unsigned char psk[PSK_MAX_PSK_LEN]; size_t psklen = 0; -- 2.25.1