diff options
| author | jsing <> | 2021-05-02 16:00:33 +0000 |
|---|---|---|
| committer | jsing <> | 2021-05-02 16:00:33 +0000 |
| commit | fd4dbd5fe6f9115e21352ba8bf2af64733fefecd (patch) | |
| tree | 4377b53e0d791f96203b97539d53c44bbb21a39b | |
| parent | ad1f7415eb38a81db6b28cde559a74f7686f8da2 (diff) | |
| download | openbsd-fd4dbd5fe6f9115e21352ba8bf2af64733fefecd.tar.gz openbsd-fd4dbd5fe6f9115e21352ba8bf2af64733fefecd.tar.bz2 openbsd-fd4dbd5fe6f9115e21352ba8bf2af64733fefecd.zip | |
Ensure that handshake hash is non-NULL in tls1_transcript_hash_value().
There are several paths where a subtle bug could result in
tls1_transcript_hash_value() being called with a NULL handshake hash - add
an explicit check for this case. As noted by tb@, due to the wonders of
the libcrypto EVP APIs, combined with integer promotion, we already have
a NULL check - this one is just more obvious.
ok tb@
| -rw-r--r-- | src/lib/libssl/ssl_transcript.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_transcript.c b/src/lib/libssl/ssl_transcript.c index f97b2b9190..688f6dca43 100644 --- a/src/lib/libssl/ssl_transcript.c +++ b/src/lib/libssl/ssl_transcript.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_transcript.c,v 1.3 2021/04/23 18:30:18 tb Exp $ */ | 1 | /* $OpenBSD: ssl_transcript.c,v 1.4 2021/05/02 16:00:33 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -76,6 +76,9 @@ tls1_transcript_hash_value(SSL *s, const unsigned char *out, size_t len, | |||
| 76 | unsigned int mdlen; | 76 | unsigned int mdlen; |
| 77 | int ret = 0; | 77 | int ret = 0; |
| 78 | 78 | ||
| 79 | if (S3I(s)->handshake_hash == NULL) | ||
| 80 | goto err; | ||
| 81 | |||
| 79 | if (EVP_MD_CTX_size(S3I(s)->handshake_hash) > len) | 82 | if (EVP_MD_CTX_size(S3I(s)->handshake_hash) > len) |
| 80 | goto err; | 83 | goto err; |
| 81 | 84 | ||