diff options
| author |   jsing <jsing@openbsd.org> | 2014-12-10 15:43:31 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2014-12-10 15:43:31 +0000 |
| commit | 744da65f125f4a4ccb1e6204b9f3aa1a6b92da95 (patch) | |
| tree | df567c7d6d17c5742cd55ab0e326e7497f662fc0 /lib/libssl/src/ssl/s3_both.c | |
| parent | Remove support for GOST R 34.10-94 signature authentication, along with (diff) | |
| download | wireguard-openbsd-744da65f125f4a4ccb1e6204b9f3aa1a6b92da95.tar.xz wireguard-openbsd-744da65f125f4a4ccb1e6204b9f3aa1a6b92da95.zip | |
ssl3_init_finished_mac() calls BIO_new() which can fail since it in turn
calls malloc(). Instead of silently continuing on failure, check the return
value of BIO_new() and propagate failure back to the caller for appropriate
handling.
ok bcook@
Diffstat (limited to 'lib/libssl/src/ssl/s3_both.c')
| -rw-r--r-- | lib/libssl/src/ssl/s3_both.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/libssl/src/ssl/s3_both.c b/lib/libssl/src/ssl/s3_both.c index 0d9cc3d65ca..ffc10774d83 100644 --- a/lib/libssl/src/ssl/s3_both.c +++ b/lib/libssl/src/ssl/s3_both.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_both.c,v 1.33 2014/12/10 15:36:46 jsing Exp $ */ +/* $OpenBSD: s3_both.c,v 1.34 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -464,7 +464,11 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) * start a new handshake?). We need to restart the mac. * Don't increment {num,total}_renegotiations because * we have not completed the handshake. */ - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + SSLerr(SSL_F_SSL3_GET_MESSAGE, + ERR_R_MALLOC_FAILURE); + goto err; + } } s->s3->tmp.message_type= *(p++); |