diff options
| author | Doug Hogan <doug@cvs.openbsd.org> | 2014-12-15 00:46:54 +0000 |
|---|---|---|
| committer | Doug Hogan <doug@cvs.openbsd.org> | 2014-12-15 00:46:54 +0000 |
| commit | 257f76b1d7382d69718d462c7cc02b9bfd39e660 (patch) | |
| tree | 77446a31478d6100763a6b97224250bea84f18b9 /lib/libssl/s3_srvr.c | |
| parent | 5b7dee0535ceec81a18965770e417c19bfba4d99 (diff) | |
Add error handling for EVP_DigestInit_ex().
A few EVP_DigestInit_ex() calls were left alone since reporting an
error would change the public API.
Changed internal ssl3_cbc_digest_record() to return a value due to the above
change. It will also now set md_out_size=0 on failure.
This is based on part of BoringSSL's commit to fix malloc crashes:
https://boringssl.googlesource.com/boringssl/+/69a01608f33ab6fe2c3485d94aef1fe9eacf5364
ok miod@
Diffstat (limited to 'lib/libssl/s3_srvr.c')
| -rw-r--r-- | lib/libssl/s3_srvr.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/libssl/s3_srvr.c b/lib/libssl/s3_srvr.c index 783b1df782b..5e4a605c605 100644 --- a/lib/libssl/s3_srvr.c +++ b/lib/libssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_srvr.c,v 1.94 2014/12/14 14:34:43 jsing Exp $ */ +/* $OpenBSD: s3_srvr.c,v 1.95 2014/12/15 00:46:53 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1612,9 +1612,10 @@ ssl3_send_server_key_exchange(SSL *s) q = md_buf; j = 0; for (num = 2; num > 0; num--) { - EVP_DigestInit_ex(&md_ctx, + if (!EVP_DigestInit_ex(&md_ctx, (num == 2) ? s->ctx->md5 : - s->ctx->sha1, NULL); + s->ctx->sha1, NULL)) + goto err; EVP_DigestUpdate(&md_ctx, s->s3->client_random, SSL3_RANDOM_SIZE); |