From e49f07694e3b8692a5a758b50c9fa7faebdb14ed Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Tue, 28 Jun 2022 12:54:25 -0700
Subject: [PATCH] Fix for sniffer possible malloc of zero size causing a
 `-fsanitize=address` leak report.

---
 src/sniffer.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/src/sniffer.c b/src/sniffer.c
index f0e1730d0..2658c5b72 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -3994,12 +3994,14 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
             }
             /* cache key share data till server_hello */
             session->cliKeyShareSz = ksLen;
-            session->cliKeyShare = (byte*)XMALLOC(ksLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-            if (session->cliKeyShare == NULL) {
-                SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
-                break;
+            if (ksLen > 0) {
+                session->cliKeyShare = (byte*)XMALLOC(ksLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                if (session->cliKeyShare == NULL) {
+                    SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
+                    break;
+                }
+                XMEMCPY(session->cliKeyShare, &input[2], ksLen);
             }
-            XMEMCPY(session->cliKeyShare, &input[2], ksLen);
             break;
         }
         #ifdef HAVE_SESSION_TICKET