tls: make sure we never try to do DB ops on a zero-length key

cyrusimap · Apr 16, 2017 · a1c917d · a1c917d
1 parent 18f399c
commit a1c917d
Showing 1 changed file with 8 additions and 5 deletions.
diff --git a/imap/tls.c b/imap/tls.c
@@ -518,11 +518,13 @@ static int new_session_cb(SSL *ssl __attribute__((unused)),
 	/* store the session in our database */
 
 	session_id = SSL_SESSION_get_id(sess, &session_id_length);
-	do {
-	    ret = cyrusdb_store(sessdb, (const char *) session_id,
-			    session_id_length,
-			    (const char *) data, len + sizeof(time_t), NULL);
-	} while (ret == CYRUSDB_AGAIN);
+        if (session_id_length) {
+	    do {
+	        ret = cyrusdb_store(sessdb, (const char *) session_id,
+			        session_id_length,
+			        (const char *) data, len + sizeof(time_t), NULL);
+	    } while (ret == CYRUSDB_AGAIN);
+        }
     }
 
     free(data);
@@ -551,6 +553,7 @@ static void remove_session(const unsigned char *id, int idlen)
     assert(id);
     assert(idlen <= SSL_MAX_SSL_SESSION_ID_LENGTH);
 
+    if (!idlen) return;
     if (!sess_dbopen) return;
 
     do {