diff options
| author | tb <> | 2022-08-30 20:40:14 +0000 |
|---|---|---|
| committer | tb <> | 2022-08-30 20:40:14 +0000 |
| commit | f757c531be5c74165c427b06da2503bf8a861c1b (patch) | |
| tree | 7f1f06fd8ad73629489d5e31750cad21def186de | |
| parent | 98a0a6259748fe8d10eccc40a94f489fca309d99 (diff) | |
| download | openbsd-f757c531be5c74165c427b06da2503bf8a861c1b.tar.gz openbsd-f757c531be5c74165c427b06da2503bf8a861c1b.tar.bz2 openbsd-f757c531be5c74165c427b06da2503bf8a861c1b.zip | |
Check HMAC() return value to avoid a later use of uninitialized
CID 25421
| -rw-r--r-- | src/usr.bin/openssl/s_cb.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/usr.bin/openssl/s_cb.c b/src/usr.bin/openssl/s_cb.c index 12a6c308fb..ffaa4c5b4d 100644 --- a/src/usr.bin/openssl/s_cb.c +++ b/src/usr.bin/openssl/s_cb.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s_cb.c,v 1.18 2022/02/03 18:40:34 tb Exp $ */ | 1 | /* $OpenBSD: s_cb.c,v 1.19 2022/08/30 20:40:14 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -914,8 +914,12 @@ verify_cookie_callback(SSL * ssl, const unsigned char *cookie, | |||
| 914 | } | 914 | } |
| 915 | 915 | ||
| 916 | /* Calculate HMAC of buffer using the secret */ | 916 | /* Calculate HMAC of buffer using the secret */ |
| 917 | HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH, | 917 | if (HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH, |
| 918 | buffer, length, result, &resultlength); | 918 | buffer, length, result, &resultlength) == NULL) { |
| 919 | free(buffer); | ||
| 920 | return 0; | ||
| 921 | } | ||
| 922 | |||
| 919 | free(buffer); | 923 | free(buffer); |
| 920 | 924 | ||
| 921 | if (cookie_len == resultlength && | 925 | if (cookie_len == resultlength && |