diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2021-12-26 15:11:00 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2021-12-26 15:11:00 +0000 |
| commit | a316d2db531e55dd25cfde32483544745f7dc4c3 (patch) | |
| tree | 9758a81449629e1149ce0798e1bd50535943ad52 /lib/libssl/ssl_srvr.c | |
| parent | f9e56f89c82381d5677b8b356b4b547a2ec5f0c4 (diff) | |
Hoist memset of CBB above EVP_MD_CTX_new() and HMAC_CTX_new() to avoid
a use of uninitialized in the unlikely event that either of them fails.
Problem introduced in r1.128.
CID 345113
ok jsing
Diffstat (limited to 'lib/libssl/ssl_srvr.c')
| -rw-r--r-- | lib/libssl/ssl_srvr.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c index 665fcc50379..330f9176d89 100644 --- a/lib/libssl/ssl_srvr.c +++ b/lib/libssl/ssl_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_srvr.c,v 1.128 2021/12/09 17:53:29 tb Exp $ */ +/* $OpenBSD: ssl_srvr.c,v 1.129 2021/12/26 15:10:59 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2494,13 +2494,13 @@ ssl3_send_newsession_ticket(SSL *s) * New Session Ticket - RFC 5077, section 3.3. */ + memset(&cbb, 0, sizeof(cbb)); + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) goto err; if ((hctx = HMAC_CTX_new()) == NULL) goto err; - memset(&cbb, 0, sizeof(cbb)); - if (S3I(s)->hs.state == SSL3_ST_SW_SESSION_TICKET_A) { if (!ssl3_handshake_msg_start(s, &cbb, &session_ticket, SSL3_MT_NEWSESSION_TICKET)) |