X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=ssl%2Fs2_pkt.c;h=acd61dc546afb37c344d3d77c113b76b847528ec;hb=cf75017bfd60333ff65edf9840001cd2c49870a3;hp=ac963b2d47d6e369adc012ffac5c8df4ddc7f4bb;hpb=b3f3407850d5e4b2a91aa7c7db39302bb9e80405;p=openssl.git

diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index ac963b2d47..acd61dc546 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -265,12 +265,15 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
 		if ((!s->s2->clear_text) &&
 			(s->s2->rlength >= (unsigned int)mac_size))
 			{
-			ssl2_enc(s,0);
+			if(!ssl2_enc(s,0))
+				{
+				SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_DECRYPTION_FAILED);
+				return(-1);
+				}
 			s->s2->ract_data_length-=mac_size;
 			ssl2_mac(s,mac,0);
 			s->s2->ract_data_length-=s->s2->padding;
-			if (	(memcmp(mac,s->s2->mac_data,
-				(unsigned int)mac_size) != 0) ||
+			if (	(CRYPTO_memcmp(mac,s->s2->mac_data,mac_size) != 0) ||
 				(s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0))
 				{
 				SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE);
@@ -617,7 +620,8 @@ static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
 		s->s2->wact_data_length=len+p;
 		ssl2_mac(s,s->s2->mac_data,1);
 		s->s2->wlength+=p+mac_size;
-		ssl2_enc(s,1);
+		if(ssl2_enc(s,1) < 1)
+			return -1;
 		}
 
 	/* package up the header */