diff options
| author | Loganaden Velvindron <logan@cvs.openbsd.org> | 2014-06-10 18:01:00 +0000 |
|---|---|---|
| committer | Loganaden Velvindron <logan@cvs.openbsd.org> | 2014-06-10 18:01:00 +0000 |
| commit | a8737c9b3e0f90e12ef44363865f330c76566430 (patch) | |
| tree | 20f987a451e0ce0e3729a9552128d657ded2552e /lib | |
| parent | 9798dc6b775d6555bed7e556d0b4488e17149a8f (diff) | |
Check return value of EVP_MD_CTX_copy_ex() in ssl3_handshake_mac()
to avoid potential null pointer dereference.
Based on david ramos work.
OK from miod@ and jsing@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libssl/src/ssl/s3_enc.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/libssl/src/ssl/s3_enc.c b/lib/libssl/src/ssl/s3_enc.c index 8f88a4a88df..71a3155c604 100644 --- a/lib/libssl/src/ssl/s3_enc.c +++ b/lib/libssl/src/ssl/s3_enc.c @@ -668,7 +668,9 @@ ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len, } EVP_MD_CTX_init(&ctx); EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); - EVP_MD_CTX_copy_ex(&ctx, d); + + if (!EVP_MD_CTX_copy_ex(&ctx, d)) + return 0; n = EVP_MD_CTX_size(&ctx); if (n < 0) return 0; |