check return values for EVP_Digest*() APIs

Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2016-06-18 16:46:13 +0200
committer: Dr. Stephen Henson <steve@openssl.org> 2016-07-15 15:09:05 +0200
commit: d166ed8c11e10e9fdaeac182effb9dd318843924 (patch)
tree: fd47ffb1f5d42b121b04d14c1a8f6bdc659637f6 /ssl/s3_enc.c
parent: Windows: allow input and output flags to end with a space, or not (diff)
download: openssl-d166ed8c11e10e9fdaeac182effb9dd318843924.tar.xz
openssl-d166ed8c11e10e9fdaeac182effb9dd318843924.zip
1 files changed, 22 insertions, 18 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index b6de38d90b..3240735fab 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -70,23 +70,26 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
         for (j = 0; j < k; j++)
             buf[j] = c;
         c++;
-        EVP_DigestInit_ex(s1, EVP_sha1(), NULL);
-        EVP_DigestUpdate(s1, buf, k);
-        EVP_DigestUpdate(s1, s->session->master_key,
-                         s->session->master_key_length);
-        EVP_DigestUpdate(s1, s->s3->server_random, SSL3_RANDOM_SIZE);
-        EVP_DigestUpdate(s1, s->s3->client_random, SSL3_RANDOM_SIZE);
-        EVP_DigestFinal_ex(s1, smd, NULL);
-
-        EVP_DigestInit_ex(m5, EVP_md5(), NULL);
-        EVP_DigestUpdate(m5, s->session->master_key,
-                         s->session->master_key_length);
-        EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH);
+        if (!EVP_DigestInit_ex(s1, EVP_sha1(), NULL)
+            || !EVP_DigestUpdate(s1, buf, k)
+            || !EVP_DigestUpdate(s1, s->session->master_key,
+                                 s->session->master_key_length)
+            || !EVP_DigestUpdate(s1, s->s3->server_random, SSL3_RANDOM_SIZE)
+            || !EVP_DigestUpdate(s1, s->s3->client_random, SSL3_RANDOM_SIZE)
+            || !EVP_DigestFinal_ex(s1, smd, NULL)
+            || !EVP_DigestInit_ex(m5, EVP_md5(), NULL)
+            || !EVP_DigestUpdate(m5, s->session->master_key,
+                                 s->session->master_key_length)
+            || !EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH))
+            goto err;
         if ((int)(i + MD5_DIGEST_LENGTH) > num) {
-            EVP_DigestFinal_ex(m5, smd, NULL);
+            if (!EVP_DigestFinal_ex(m5, smd, NULL))
+                goto err;
             memcpy(km, smd, (num - i));
-        } else
-            EVP_DigestFinal_ex(m5, km, NULL);
+        } else {
+            if (!EVP_DigestFinal_ex(m5, km, NULL))
+                goto err;
+        }
 
         km += MD5_DIGEST_LENGTH;
     }
@@ -353,12 +356,13 @@ void ssl3_free_digest_list(SSL *s)
     s->s3->handshake_dgst = NULL;
 }
 
-void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
+int ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
 {
     if (s->s3->handshake_dgst == NULL)
-        BIO_write(s->s3->handshake_buffer, (void *)buf, len);
+        /* Note: this writes to a memory BIO so a failure is a fatal error */
+        return BIO_write(s->s3->handshake_buffer, (void *)buf, len) == len;
     else
-        EVP_DigestUpdate(s->s3->handshake_dgst, buf, len);
+        return EVP_DigestUpdate(s->s3->handshake_dgst, buf, len);
 }
 
 int ssl3_digest_cached_records(SSL *s, int keep)
author	Dr. Stephen Henson <steve@openssl.org>	2016-06-18 16:46:13 +0200
committer	Dr. Stephen Henson <steve@openssl.org>	2016-07-15 15:09:05 +0200
commit	d166ed8c11e10e9fdaeac182effb9dd318843924 (patch)
tree	fd47ffb1f5d42b121b04d14c1a8f6bdc659637f6 /ssl/s3_enc.c
parent	Windows: allow input and output flags to end with a space, or not (diff)
download	openssl-d166ed8c11e10e9fdaeac182effb9dd318843924.tar.xz openssl-d166ed8c11e10e9fdaeac182effb9dd318843924.zip