projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Coverity 1414465: Resource leaks (RESOURCE_LEAK)
[openssl.git]
/
ssl
/
t1_trce.c
diff --git
a/ssl/t1_trce.c
b/ssl/t1_trce.c
index d3f67f5b2a6e33de2c75aeb27e1f429f96228b55..489558e052469e614c6008a97f5f7073a9199953 100644
(file)
--- a/
ssl/t1_trce.c
+++ b/
ssl/t1_trce.c
@@
-1,7
+1,7
@@
/*
* Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
*
/*
* Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the
OpenSSL license
(the "License"). You may not use
+ * Licensed under the
Apache License 2.0
(the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
@@
-19,11
+19,11
@@
typedef struct {
} ssl_trace_tbl;
# define ssl_trace_str(val, tbl) \
} ssl_trace_tbl;
# define ssl_trace_str(val, tbl) \
-
do_ssl_trace_str(val, tbl, OSSL_NELEM(tbl))
+ do_ssl_trace_str(val, tbl, OSSL_NELEM(tbl))
# define ssl_trace_list(bio, indent, msg, msglen, value, table) \
# define ssl_trace_list(bio, indent, msg, msglen, value, table) \
-
do_ssl_trace_list(bio, indent, msg, msglen, value, \
- table, OSSL_NELEM(table))
+ do_ssl_trace_list(bio, indent, msg, msglen, value, \
+
table, OSSL_NELEM(table))
static const char *do_ssl_trace_str(int val, const ssl_trace_tbl *tbl,
size_t ntbl)
static const char *do_ssl_trace_str(int val, const ssl_trace_tbl *tbl,
size_t ntbl)
@@
-65,8
+65,6
@@
static const ssl_trace_tbl ssl_version_tbl[] = {
{TLS1_1_VERSION, "TLS 1.1"},
{TLS1_2_VERSION, "TLS 1.2"},
{TLS1_3_VERSION, "TLS 1.3"},
{TLS1_1_VERSION, "TLS 1.1"},
{TLS1_2_VERSION, "TLS 1.2"},
{TLS1_3_VERSION, "TLS 1.3"},
- /* TODO(TLS1.3): Remove this line before release */
- {TLS1_3_VERSION_DRAFT, TLS1_3_VERSION_DRAFT_TXT},
{DTLS1_VERSION, "DTLS 1.0"},
{DTLS1_2_VERSION, "DTLS 1.2"},
{DTLS1_BAD_VER, "DTLS 1.0 (bad)"}
{DTLS1_VERSION, "DTLS 1.0"},
{DTLS1_2_VERSION, "DTLS 1.2"},
{DTLS1_BAD_VER, "DTLS 1.0 (bad)"}
@@
-470,7
+468,6
@@
static const ssl_trace_tbl ssl_exts_tbl[] = {
{TLSEXT_TYPE_srp, "srp"},
{TLSEXT_TYPE_signature_algorithms, "signature_algorithms"},
{TLSEXT_TYPE_use_srtp, "use_srtp"},
{TLSEXT_TYPE_srp, "srp"},
{TLSEXT_TYPE_signature_algorithms, "signature_algorithms"},
{TLSEXT_TYPE_use_srtp, "use_srtp"},
- {TLSEXT_TYPE_heartbeat, "tls_heartbeat"},
{TLSEXT_TYPE_application_layer_protocol_negotiation,
"application_layer_protocol_negotiation"},
{TLSEXT_TYPE_signed_certificate_timestamp, "signed_certificate_timestamps"},
{TLSEXT_TYPE_application_layer_protocol_negotiation,
"application_layer_protocol_negotiation"},
{TLSEXT_TYPE_signed_certificate_timestamp, "signed_certificate_timestamps"},
@@
-640,10
+637,8
@@
static int ssl_print_version(BIO *bio, int indent, const char *name,
if (*pmsglen < 2)
return 0;
vers = ((*pmsg)[0] << 8) | (*pmsg)[1];
if (*pmsglen < 2)
return 0;
vers = ((*pmsg)[0] << 8) | (*pmsg)[1];
- if (version != NULL) {
- /* TODO(TLS1.3): Remove the draft conditional here before release */
- *version = (vers == TLS1_3_VERSION_DRAFT) ? TLS1_3_VERSION : vers;
- }
+ if (version != NULL)
+ *version = vers;
BIO_indent(bio, indent, 80);
BIO_printf(bio, "%s=0x%x (%s)\n",
name, vers, ssl_trace_str(vers, ssl_version_tbl));
BIO_indent(bio, indent, 80);
BIO_printf(bio, "%s=0x%x (%s)\n",
name, vers, ssl_trace_str(vers, ssl_version_tbl));
@@
-787,9
+782,6
@@
static int ssl_print_extension(BIO *bio, int indent, int server,
}
break;
}
break;
- case TLSEXT_TYPE_heartbeat:
- return 0;
-
case TLSEXT_TYPE_session_ticket:
if (extlen != 0)
ssl_print_hex(bio, indent + 4, "ticket", ext, extlen);
case TLSEXT_TYPE_session_ticket:
if (extlen != 0)
ssl_print_hex(bio, indent + 4, "ticket", ext, extlen);
@@
-889,28
+881,35
@@
static int ssl_print_extensions(BIO *bio, int indent, int server,
BIO_indent(bio, indent, 80);
if (msglen == 0) {
BIO_indent(bio, indent, 80);
if (msglen == 0) {
- BIO_puts(bio, "No
E
xtensions\n");
+ BIO_puts(bio, "No
e
xtensions\n");
return 1;
}
if (msglen < 2)
return 0;
extslen = (msg[0] << 8) | msg[1];
return 1;
}
if (msglen < 2)
return 0;
extslen = (msg[0] << 8) | msg[1];
- if (extslen != msglen - 2)
- return 0;
+ msglen -= 2;
msg += 2;
msg += 2;
- msglen = extslen;
- BIO_printf(bio, "extensions, length = %d\n", (int)msglen);
- while (msglen > 0) {
+ if (extslen == 0) {
+ BIO_puts(bio, "No extensions\n");
+ *msgin = msg;
+ *msginlen = msglen;
+ return 1;
+ }
+ if (extslen > msglen)
+ return 0;
+ BIO_printf(bio, "extensions, length = %d\n", (int)extslen);
+ msglen -= extslen;
+ while (extslen > 0) {
int extype;
size_t extlen;
int extype;
size_t extlen;
- if (
msg
len < 4)
+ if (
exts
len < 4)
return 0;
extype = (msg[0] << 8) | msg[1];
extlen = (msg[2] << 8) | msg[3];
return 0;
extype = (msg[0] << 8) | msg[1];
extlen = (msg[2] << 8) | msg[3];
- if (
msg
len < extlen + 4) {
+ if (
exts
len < extlen + 4) {
BIO_printf(bio, "extensions, extype = %d, extlen = %d\n", extype,
(int)extlen);
BIO_printf(bio, "extensions, extype = %d, extlen = %d\n", extype,
(int)extlen);
- BIO_dump_indent(bio, (const char *)msg,
msg
len, indent + 2);
+ BIO_dump_indent(bio, (const char *)msg,
exts
len, indent + 2);
return 0;
}
msg += 4;
return 0;
}
msg += 4;
@@
-918,7
+917,7
@@
static int ssl_print_extensions(BIO *bio, int indent, int server,
extlen))
return 0;
msg += extlen;
extlen))
return 0;
msg += extlen;
-
msg
len -= extlen + 4;
+
exts
len -= extlen + 4;
}
*msgin = msg;
}
*msgin = msg;
@@
-1031,7
+1030,7
@@
static int ssl_print_server_hello(BIO *bio, int indent,
static int ssl_get_keyex(const char **pname, const SSL *ssl)
{
static int ssl_get_keyex(const char **pname, const SSL *ssl)
{
- unsigned long alg_k = ssl->s3
->
tmp.new_cipher->algorithm_mkey;
+ unsigned long alg_k = ssl->s3
.
tmp.new_cipher->algorithm_mkey;
if (alg_k & SSL_kRSA) {
*pname = "rsa";
if (alg_k & SSL_kRSA) {
*pname = "rsa";
@@
-1362,8
+1361,8
@@
static int ssl_print_ticket(BIO *bio, int indent, const SSL *ssl,
if (msglen < 4)
return 0;
if (msglen < 4)
return 0;
- ticket_age_add =
(msg[0] << 24) | (msg[1] << 16) | (msg[2] << 8)
-
| msg[3];
+ ticket_age_add =
+
(msg[0] << 24) | (msg[1] << 16) | (msg[2] << 8)
| msg[3];
msglen -= 4;
msg += 4;
BIO_indent(bio, indent + 2, 80);
msglen -= 4;
msg += 4;
BIO_indent(bio, indent + 2, 80);
@@
-1504,7
+1503,8
@@
void SSL_trace(int write_p, int version, int content_type,
int hvers;
/* avoid overlapping with length at the end of buffer */
int hvers;
/* avoid overlapping with length at the end of buffer */
- if (msglen < (SSL_IS_DTLS(ssl) ? 13 : 5)) {
+ if (msglen < (size_t)(SSL_IS_DTLS(ssl) ?
+ DTLS1_RT_HEADER_LENGTH : SSL3_RT_HEADER_LENGTH)) {
BIO_puts(bio, write_p ? "Sent" : "Received");
ssl_print_hex(bio, 0, " too short message", msg, msglen);
break;
BIO_puts(bio, write_p ? "Sent" : "Received");
ssl_print_hex(bio, 0, " too short message", msg, msglen);
break;