From 6c3cca5793b1ac57daceb8111d842f954a5ecf6a Mon Sep 17 00:00:00 2001
From: Adam Eijdenberg <eijdenberg@google.com>
Date: Tue, 4 Aug 2015 14:59:47 -0700
Subject: [PATCH 1/1] Fix unhandled error condition in sslv2 client hello
 parsing.

--strict-warnings started showing warnings for this today...

Surely an error should be raised if these reads fail?

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
---
 ssl/s3_srvr.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index b60c96264a..725e3f963d 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1014,6 +1014,9 @@ int ssl3_get_client_hello(SSL *s)
         if (!PACKET_get_net_2(&pkt, &csl)
                 || !PACKET_get_net_2(&pkt, &sil)
                 || !PACKET_get_net_2(&pkt, &cl)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+            al = SSL_AD_DECODE_ERROR;
+            goto f_err;
         }
 
         if (csl == 0) {
-- 
2.34.1