generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fixed missing return value checks.

Browse Source 
Added various missing return value checks in tls1_change_cipher_state.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell 2015-02-26 11:54:58 +00:00
parent 195f6302bb
commit 87cd297d14
1 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
ssl/t1_enc.c
View File

@ -550,16 +550,24 @@ int tls1_change_cipher_state(SSL *s, int which)
#endif /* KSSL_DEBUG */ #endif /* KSSL_DEBUG */
if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) { if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE)); if (!EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE))
EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, k, iv); || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, k, iv)) {
} else SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)); goto err2;
}
} else {
if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE))) {
SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
goto err2;
}
}
/* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */ /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */
if ((EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size) if ((EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size
EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY, && !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,
*mac_secret_size, mac_secret); *mac_secret_size, mac_secret)) {
SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
goto err2;
}
#ifdef OPENSSL_SSL_TRACE_CRYPTO #ifdef OPENSSL_SSL_TRACE_CRYPTO
if (s->msg_callback) { if (s->msg_callback) {
int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0; int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0;