summaryrefslogtreecommitdiffstats
path: root/ssl/s2_pkt.c
diff options
context:
space:
mode:
authorBen Laurie <ben@openssl.org>2008-12-29 17:11:58 +0100
committerBen Laurie <ben@openssl.org>2008-12-29 17:11:58 +0100
commit0eab41fb78cf4d7c76e563fd677ab6c32fc28bb0 (patch)
treeda848c7424ced86fc60823f4948b0fc79e52a381 /ssl/s2_pkt.c
parentMake sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash. (diff)
downloadopenssl-0eab41fb78cf4d7c76e563fd677ab6c32fc28bb0.tar.xz
openssl-0eab41fb78cf4d7c76e563fd677ab6c32fc28bb0.zip
If we're going to return errors (no matter how stupid), then we should
test for them!
Diffstat (limited to 'ssl/s2_pkt.c')
-rw-r--r--ssl/s2_pkt.c14
1 files changed, 10 insertions, 4 deletions
diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index e6d5d09643..9c1d1313c1 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -116,7 +116,7 @@
#define USE_SOCKETS
static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
+static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
static int ssl_mt_error(int n);
@@ -130,7 +130,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
unsigned char mac[MAX_MAC_SIZE];
unsigned char *p;
int i;
- unsigned int mac_size;
+ int mac_size;
ssl2_read_again:
if (SSL_in_init(s) && !s->in_handshake)
@@ -247,6 +247,8 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
else
{
mac_size=EVP_MD_CTX_size(s->read_hash);
+ if (mac_size < 0)
+ return -1;
OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
s->s2->mac_data=p;
s->s2->ract_data= &p[mac_size];
@@ -447,7 +449,7 @@ int ssl2_write(SSL *s, const void *_buf, int len)
n=(len-tot);
for (;;)
{
- i=do_ssl_write(s,&(buf[tot]),n);
+ i=n_do_ssl_write(s,&(buf[tot]),n);
if (i <= 0)
{
s->s2->wnum=tot;
@@ -511,7 +513,7 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
}
}
-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
+static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
{
unsigned int j,k,olen,p,mac_size,bs;
register unsigned char *pp;
@@ -529,7 +531,11 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
if (s->s2->clear_text)
mac_size=0;
else
+ {
mac_size=EVP_MD_CTX_size(s->write_hash);
+ if (mac_size < 0)
+ return -1;
+ }
/* lets set the pad p */
if (s->s2->clear_text)