Fix unhandled error condition in sslv2 client hello parsing.
authorAdam Eijdenberg <eijdenberg@google.com>
Tue, 4 Aug 2015 21:59:47 +0000 (14:59 -0700)
committerAdam Eijdenberg <eijdenberg@google.com>
Tue, 4 Aug 2015 22:05:01 +0000 (15:05 -0700)
--strict-warnings started showing warnings for this today...

Surely an error should be raised if these reads fail?

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
ssl/s3_srvr.c

index b60c962..725e3f9 100644 (file)
@@ -1014,6 +1014,9 @@ int ssl3_get_client_hello(SSL *s)
         if (!PACKET_get_net_2(&pkt, &csl)
                 || !PACKET_get_net_2(&pkt, &sil)
                 || !PACKET_get_net_2(&pkt, &cl)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+            al = SSL_AD_DECODE_ERROR;
+            goto f_err;
         }
 
         if (csl == 0) {