In tls1_cert_verify_mac(), check the return value of EVP_MD_CTX_copy_ex()

to avoid a possible NULL function call on ctx.final(). None of the callers
currently check the return value of calls to cert_verify_mac(), however
the function already returns 0 in another case and the MAC comparison will
later fail.

Issue reported by David Ramos.

1 files changed, 5 insertions, 3 deletions

diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 6dcb2c849f..922d44ad4e 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -819,8 +819,8 @@ tls1_enc(SSL *s, int send)
 int
 tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
 {
-        unsigned int ret;
         EVP_MD_CTX ctx, *d = NULL;
+        unsigned int ret;
         int i;
 
         if (s->s3->handshake_buffer)
@@ -834,15 +834,17 @@ tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
                         break;
                 }
         }
-        if (!d) {
+        if (d == NULL) {
                 SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC, SSL_R_NO_REQUIRED_DIGEST);
                 return 0;
         }
 
         EVP_MD_CTX_init(&ctx);
-        EVP_MD_CTX_copy_ex(&ctx, d);
+        if (!EVP_MD_CTX_copy_ex(&ctx, d))
+                return 0;
         EVP_DigestFinal_ex(&ctx, out, &ret);
         EVP_MD_CTX_cleanup(&ctx);
+
         return ((int)ret);
 }