Add missing return check for PACKET_buf_init
authorMatt Caswell <matt@openssl.org>
Mon, 3 Aug 2015 16:20:07 +0000 (17:20 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 13 Aug 2015 19:34:51 +0000 (20:34 +0100)
The new ClientHello PACKET code is missing a return value check.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
ssl/s3_srvr.c

index acb2fa9..c723ea0 100644 (file)
@@ -874,7 +874,11 @@ int ssl3_get_client_hello(SSL *s)
     if (!ok)
         return ((int)n);
     s->first_packet = 0;
-    PACKET_buf_init(&pkt, s->init_msg, n);
+    if (!PACKET_buf_init(&pkt, s->init_msg, n)) {
+        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+        al = SSL_AD_INTERNAL_ERROR;
+        goto f_err;
+    }
 
     /* First lets get s->client_version set correctly */
     if (RECORD_LAYER_is_sslv2_record(&s->rlayer)) {