Deal with the unlikely event that EVP_MD_CTX_size() returns an error.
authorBen Laurie <ben@openssl.org>
Sat, 27 Dec 2008 02:09:24 +0000 (02:09 +0000)
committerBen Laurie <ben@openssl.org>
Sat, 27 Dec 2008 02:09:24 +0000 (02:09 +0000)
(Coverity ID 140).

ssl/d1_pkt.c
ssl/ssl.h
ssl/ssl_err.c

index 9e38cb5..75c2b63 100644 (file)
@@ -428,6 +428,12 @@ printf("\n");
        if (!clear)
                {
                mac_size=EVP_MD_CTX_size(s->read_hash);
+               if (mac_size <= 0)
+                       {
+                       al=SSL_AD_INTERNAL_ERROR;
+                       SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_BAD_MAC_LENGTH);
+                       goto f_err;
+                       }
 
                if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)
                        {
index 64173af..893eb6e 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1996,6 +1996,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_BAD_HELLO_REQUEST                                 105
 #define SSL_R_BAD_LENGTH                                271
 #define SSL_R_BAD_MAC_DECODE                            113
+#define SSL_R_BAD_MAC_LENGTH                            333
 #define SSL_R_BAD_MESSAGE_TYPE                          114
 #define SSL_R_BAD_PACKET_LENGTH                                 115
 #define SSL_R_BAD_PROTOCOL_VERSION_NUMBER               116
index 7879a31..c7b36b5 100644 (file)
@@ -290,6 +290,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {ERR_REASON(SSL_R_BAD_HELLO_REQUEST)     ,"bad hello request"},
 {ERR_REASON(SSL_R_BAD_LENGTH)            ,"bad length"},
 {ERR_REASON(SSL_R_BAD_MAC_DECODE)        ,"bad mac decode"},
+{ERR_REASON(SSL_R_BAD_MAC_LENGTH)        ,"bad mac length"},
 {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE)      ,"bad message type"},
 {ERR_REASON(SSL_R_BAD_PACKET_LENGTH)     ,"bad packet length"},
 {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),"bad protocol version number"},