diff options
| author | jsing <> | 2014-12-10 15:43:31 +0000 |
|---|---|---|
| committer | jsing <> | 2014-12-10 15:43:31 +0000 |
| commit | 47eb97a22f4397f7e4d7b37419d4c88e805cf71b (patch) | |
| tree | 626ac5debee47cd4bf6f23ff35253234be5bbe4d /src/lib/libssl/s3_clnt.c | |
| parent | 1434a91c4d4dc782915ce81dd056fa8f6cb77ae1 (diff) | |
| download | openbsd-47eb97a22f4397f7e4d7b37419d4c88e805cf71b.tar.gz openbsd-47eb97a22f4397f7e4d7b37419d4c88e805cf71b.tar.bz2 openbsd-47eb97a22f4397f7e4d7b37419d4c88e805cf71b.zip | |
ssl3_init_finished_mac() calls BIO_new() which can fail since it in turn
calls malloc(). Instead of silently continuing on failure, check the return
value of BIO_new() and propagate failure back to the caller for appropriate
handling.
ok bcook@
Diffstat (limited to 'src/lib/libssl/s3_clnt.c')
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 6a54dfa359..e7741826ae 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.98 2014/12/10 15:36:46 jsing Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.99 2014/12/10 15:43:31 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -288,7 +288,10 @@ ssl3_connect(SSL *s) | |||
| 288 | 288 | ||
| 289 | /* don't push the buffering BIO quite yet */ | 289 | /* don't push the buffering BIO quite yet */ |
| 290 | 290 | ||
| 291 | ssl3_init_finished_mac(s); | 291 | if (!ssl3_init_finished_mac(s)) { |
| 292 | ret = -1; | ||
| 293 | goto end; | ||
| 294 | } | ||
| 292 | 295 | ||
| 293 | s->state = SSL3_ST_CW_CLNT_HELLO_A; | 296 | s->state = SSL3_ST_CW_CLNT_HELLO_A; |
| 294 | s->ctx->stats.sess_connect++; | 297 | s->ctx->stats.sess_connect++; |