projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
If we're going to return errors (no matter how stupid), then we should
[openssl.git]
/
ssl
/
t1_lib.c
diff --git
a/ssl/t1_lib.c
b/ssl/t1_lib.c
index e6ba33d85b1b847a6ba90670e8865b0fadc3c7e5..c1d4173b5e89207707c6181e821c6e4907ae1b18 100644
(file)
--- a/
ssl/t1_lib.c
+++ b/
ssl/t1_lib.c
@@
-1532,6
+1532,11
@@
static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
* integrity checks on ticket.
*/
mlen = HMAC_size(&hctx);
+ if (mlen < 0)
+ {
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ return -1;
+ }
eticklen -= mlen;
/* Check HMAC of encrypted ticket */
HMAC_Update(&hctx, etick, eticklen);