diff options
author | Ben Laurie <ben@openssl.org> | 2008-12-29 17:11:58 +0100 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 2008-12-29 17:11:58 +0100 |
commit | 0eab41fb78cf4d7c76e563fd677ab6c32fc28bb0 (patch) | |
tree | da848c7424ced86fc60823f4948b0fc79e52a381 /ssl/s2_pkt.c | |
parent | Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash. (diff) | |
download | openssl-0eab41fb78cf4d7c76e563fd677ab6c32fc28bb0.tar.xz openssl-0eab41fb78cf4d7c76e563fd677ab6c32fc28bb0.zip |
If we're going to return errors (no matter how stupid), then we should
test for them!
Diffstat (limited to 'ssl/s2_pkt.c')
-rw-r--r-- | ssl/s2_pkt.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c index e6d5d09643..9c1d1313c1 100644 --- a/ssl/s2_pkt.c +++ b/ssl/s2_pkt.c @@ -116,7 +116,7 @@ #define USE_SOCKETS static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend); -static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); +static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len); static int write_pending(SSL *s, const unsigned char *buf, unsigned int len); static int ssl_mt_error(int n); @@ -130,7 +130,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek) unsigned char mac[MAX_MAC_SIZE]; unsigned char *p; int i; - unsigned int mac_size; + int mac_size; ssl2_read_again: if (SSL_in_init(s) && !s->in_handshake) @@ -247,6 +247,8 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek) else { mac_size=EVP_MD_CTX_size(s->read_hash); + if (mac_size < 0) + return -1; OPENSSL_assert(mac_size <= MAX_MAC_SIZE); s->s2->mac_data=p; s->s2->ract_data= &p[mac_size]; @@ -447,7 +449,7 @@ int ssl2_write(SSL *s, const void *_buf, int len) n=(len-tot); for (;;) { - i=do_ssl_write(s,&(buf[tot]),n); + i=n_do_ssl_write(s,&(buf[tot]),n); if (i <= 0) { s->s2->wnum=tot; @@ -511,7 +513,7 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len) } } -static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) +static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) { unsigned int j,k,olen,p,mac_size,bs; register unsigned char *pp; @@ -529,7 +531,11 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) if (s->s2->clear_text) mac_size=0; else + { mac_size=EVP_MD_CTX_size(s->write_hash); + if (mac_size < 0) + return -1; + } /* lets set the pad p */ if (s->s2->clear_text) |