Add extra validation parsing the server-to-client early_data extension

[openssl.git] / ssl / s3_enc.c

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 7fdf4e15b19435c1359b76d57fa29b3b4ee41406..165135707acb63d2ae9144af7d4a66907abf2e67 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -61,10 +61,10 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
     EVP_MD_CTX_set_flags(m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
     for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
         k++;
-        if (k > sizeof buf) {
+        if (k > sizeof(buf)) {
             /* bug: 'buf' is too small for this ciphersuite */
             SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);
-            return 0;
+            goto err;
         }
 
         for (j = 0; j < k; j++)
@@ -227,7 +227,8 @@ int ssl3_change_cipher_state(SSL *s, int which)
 
     memcpy(mac_secret, ms, i);
 
-    EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE));
+    if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)))
+        goto err2;
 
 #ifdef OPENSSL_SSL_TRACE_CRYPTO
     if (s->msg_callback) {
@@ -407,7 +408,8 @@ int ssl3_digest_cached_records(SSL *s, int keep)
     return 1;
 }
 
-size_t ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p)
+size_t ssl3_final_finish_mac(SSL *s, const char *sender, size_t len,
+                             unsigned char *p)
 {
     int ret;
     EVP_MD_CTX *ctx = NULL;
@@ -438,7 +440,7 @@ size_t ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char
 
     if ((sender != NULL && EVP_DigestUpdate(ctx, sender, len) <= 0)
         || EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET,
-                           s->session->master_key_length,
+                           (int)s->session->master_key_length,
                            s->session->master_key) <= 0
         || EVP_DigestFinal_ex(ctx, p, NULL) <= 0) {
         SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR);