diff options
author | Matt Caswell <matt@openssl.org> | 2015-04-28 15:19:50 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-04-30 23:12:39 +0100 |
commit | c427570e5098e120cbcb66e799f85c317aac7b91 (patch) | |
tree | 4c6152175147a166450a6c21bfa455c063875ddc /ssl | |
parent | 29b0a15a480626544dd0c803d5de671552544de6 (diff) | |
download | openssl-c427570e5098e120cbcb66e799f85c317aac7b91.tar.gz |
Sanity check the return from final_finish_mac
The return value is checked for 0. This is currently safe but we should
really check for <= 0 since -1 is frequently used for error conditions.
Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3
Solutions) for reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_both.c | 2 | ||||
-rw-r--r-- | ssl/ssl_locl.h | 1 |
2 files changed, 1 insertions, 2 deletions
diff --git a/ssl/s3_both.c b/ssl/s3_both.c index d0cb763b8d..bf5e8c7c2d 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -168,7 +168,7 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) i = s->method->ssl3_enc->final_finish_mac(s, sender, slen, s->s3->tmp.finish_md); - if (i == 0) + if (i <= 0) return 0; s->s3->tmp.finish_md_len = i; memcpy(p, s->s3->tmp.finish_md, i); diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 8b4c6150ef..9ae1a0711b 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -2073,7 +2073,6 @@ void dtls1_set_message_header(SSL *s, __owur int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len); __owur int dtls1_send_change_cipher_spec(SSL *s, int a, int b); -__owur int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen); __owur int dtls1_read_failed(SSL *s, int code); __owur int dtls1_buffer_message(SSL *s, int ccs); __owur int dtls1_retransmit_message(SSL *s, unsigned short seq, |