Fix missing return value checks

Ensure that all functions have their return values checked where appropriate. This covers all functions defined and called from within libssl. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-06 14:37:17 +00:00
parent 4bcdb4a601
commit 69f6823748
24 changed files with 237 additions and 136 deletions
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -378,7 +378,8 @@ SSL *SSL_new(SSL_CTX *ctx)
    s->references = 1;
    s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;

-    SSL_clear(s);
+    if(!SSL_clear(s))
+        goto err;

    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);

@@ -885,7 +886,10 @@ void SSL_copy_session_id(SSL *t, const SSL *f)
    CERT *tmp;

    /* Do we need to to SSL locking? */
-    SSL_set_session(t, SSL_get_session(f));
+    if(!SSL_set_session(t, SSL_get_session(f))) {
+        /* How do we handle this!! void function */
+        return;
+    }

    /*
     * what if we are setup as SSLv2 but want to talk SSLv3 or vice-versa
@@ -904,7 +908,10 @@ void SSL_copy_session_id(SSL *t, const SSL *f)
        t->cert = NULL;
    if (tmp != NULL)
        ssl_cert_free(tmp);
-    SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
+    if(!SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length)) {
+        /* Really should do something about this..but void function - ignore */
+        ;
+    }
 }

 /* Fix this so it checks all the valid key/cert options */
@@ -1924,10 +1931,10 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
    if (ret->cert_store == NULL)
        goto err;

-    ssl_create_cipher_list(ret->method,
+    if(!ssl_create_cipher_list(ret->method,
                           &ret->cipher_list, &ret->cipher_list_by_id,
-                           SSL_DEFAULT_CIPHER_LIST, ret->cert);
-    if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
+                           SSL_DEFAULT_CIPHER_LIST, ret->cert)
+       || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
        goto err2;
    }
@@ -1980,7 +1987,8 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
    ret->psk_server_callback = NULL;
 #endif
 #ifndef OPENSSL_NO_SRP
-    SSL_CTX_SRP_CTX_init(ret);
+    if(!SSL_CTX_SRP_CTX_init(ret))
+        goto err;
 #endif
 #ifndef OPENSSL_NO_ENGINE
    ret->client_cert_engine = NULL;
@@ -2783,7 +2791,8 @@ SSL *SSL_dup(SSL *s)
                goto err;
        }

-        SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length);
+        if(!SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length))
+            goto err;
    }

    ret->options = s->options;