Check HMAC() return value to avoid a later use of uninitialized

CID 25421
author: tb <> 2022-08-30 20:40:14 +0000
committer: tb <> 2022-08-30 20:40:14 +0000
commit: a2701e1610925369192d4d0f4f871abf3115d2d0 (patch)
tree: 7f1f06fd8ad73629489d5e31750cad21def186de /src
parent: e0dee7e930b0265d6f81267fc0d9c9ce1dea38e5 (diff)
download: openbsd-a2701e1610925369192d4d0f4f871abf3115d2d0.tar.gz
openbsd-a2701e1610925369192d4d0f4f871abf3115d2d0.tar.bz2
openbsd-a2701e1610925369192d4d0f4f871abf3115d2d0.zip
1 files changed, 7 insertions, 3 deletions
diff --git a/src/usr.bin/openssl/s_cb.c b/src/usr.bin/openssl/s_cb.c
index 12a6c308fb..ffaa4c5b4d 100644
--- a/src/usr.bin/openssl/s_cb.c
+++ b/src/usr.bin/openssl/s_cb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_cb.c,v 1.18 2022/02/03 18:40:34 tb Exp $ */
+/* $OpenBSD: s_cb.c,v 1.19 2022/08/30 20:40:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -914,8 +914,12 @@ verify_cookie_callback(SSL * ssl, const unsigned char *cookie,
        }
        /* Calculate HMAC of buffer using the secret */
-        HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
+        if (HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
-            buffer, length, result, &resultlength);
+            buffer, length, result, &resultlength) == NULL) {
+                free(buffer);
+                return 0;
+        }
        free(buffer);
        if (cookie_len == resultlength &&
author	tb <>	2022-08-30 20:40:14 +0000
committer	tb <>	2022-08-30 20:40:14 +0000
commit	a2701e1610925369192d4d0f4f871abf3115d2d0 (patch)
tree	7f1f06fd8ad73629489d5e31750cad21def186de /src
parent	e0dee7e930b0265d6f81267fc0d9c9ce1dea38e5 (diff)
download	openbsd-a2701e1610925369192d4d0f4f871abf3115d2d0.tar.gz openbsd-a2701e1610925369192d4d0f4f871abf3115d2d0.tar.bz2 openbsd-a2701e1610925369192d4d0f4f871abf3115d2d0.zip