ensure that the EVP_CIPHER_CTX object is initialized

PR: 1490

diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
index 18882bf70487f56bf73abff5b6b3a36ccaf849b4..1f62acd5b1e6fb1199c350ffe2452e8c51689a7b 100644 (file)
--- a/ssl/s2_enc.c
+++ b/ssl/s2_enc.c
@@ -82,15 +82,18 @@ int ssl2_enc_init(SSL *s, int client)
                ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
                OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
                goto err;
                ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
                OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
                goto err;

+
+       /* make sure it's intialized in case the malloc for enc_write_ctx fails
+        * and we exit with an error */
+       rs= s->enc_read_ctx;
+       EVP_CIPHER_CTX_init(rs);
+

        if ((s->enc_write_ctx == NULL) &&
                ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
                OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
                goto err;
 
        if ((s->enc_write_ctx == NULL) &&
                ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
                OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
                goto err;
 

-       rs= s->enc_read_ctx;

        ws= s->enc_write_ctx;
        ws= s->enc_write_ctx;

-
-       EVP_CIPHER_CTX_init(rs);

        EVP_CIPHER_CTX_init(ws);
 
        num=c->key_len;
        EVP_CIPHER_CTX_init(ws);
 
        num=c->key_len;

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index b4c6f0f19bcdd55cc6e9a8b891543627a85357f0..1690663e0415a7b34c3f33238fbacc9eea304acc 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -247,6 +247,9 @@ int ssl3_change_cipher_state(SSL *s, int which)
                        reuse_dd = 1;
                else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;
                        reuse_dd = 1;
                else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;

+               else
+                       /* make sure it's intialized in case we exit later with an error */
+                       EVP_CIPHER_CTX_init(s->enc_read_ctx);

                dd= s->enc_read_ctx;
                s->read_hash=m;
 #ifndef OPENSSL_NO_COMP
                dd= s->enc_read_ctx;
                s->read_hash=m;
 #ifndef OPENSSL_NO_COMP


@@ -280,6 +283,9 @@ int ssl3_change_cipher_state(SSL *s, int which)
                        reuse_dd = 1;
                else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;
                        reuse_dd = 1;
                else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;

+               else
+                       /* make sure it's intialized in case we exit later with an error */
+                       EVP_CIPHER_CTX_init(s->enc_write_ctx);

                dd= s->enc_write_ctx;
                s->write_hash=m;
 #ifndef OPENSSL_NO_COMP
                dd= s->enc_write_ctx;
                s->write_hash=m;
 #ifndef OPENSSL_NO_COMP


@@ -305,7 +311,6 @@ int ssl3_change_cipher_state(SSL *s, int which)
 
        if (reuse_dd)
                EVP_CIPHER_CTX_cleanup(dd);
 
        if (reuse_dd)
                EVP_CIPHER_CTX_cleanup(dd);

-       EVP_CIPHER_CTX_init(dd);

 
        p=s->s3->tmp.key_block;
        i=EVP_MD_size(m);
 
        p=s->s3->tmp.key_block;
        i=EVP_MD_size(m);

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 4baea2dc672464f1be7192b9347bf85f1952d9ce..29892e6d7d965fa9a89b79dd4d1f3cbe49c8eb1e 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -293,6 +293,9 @@ int tls1_change_cipher_state(SSL *s, int which)
                        reuse_dd = 1;
                else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;
                        reuse_dd = 1;
                else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;

+               else
+                       /* make sure it's intialized in case we exit later with an error */
+                       EVP_CIPHER_CTX_init(s->enc_read_ctx);

                dd= s->enc_read_ctx;
                s->read_hash=m;
 #ifndef OPENSSL_NO_COMP
                dd= s->enc_read_ctx;
                s->read_hash=m;
 #ifndef OPENSSL_NO_COMP


@@ -327,10 +330,9 @@ int tls1_change_cipher_state(SSL *s, int which)
                        reuse_dd = 1;
                else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;
                        reuse_dd = 1;
                else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;

-               if ((s->enc_write_ctx == NULL) &&
-                       ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
-                       OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
-                       goto err;
+               else
+                       /* make sure it's intialized in case we exit later with an error */
+                       EVP_CIPHER_CTX_init(s->enc_write_ctx);

                dd= s->enc_write_ctx;
                s->write_hash=m;
 #ifndef OPENSSL_NO_COMP
                dd= s->enc_write_ctx;
                s->write_hash=m;
 #ifndef OPENSSL_NO_COMP


@@ -357,7 +359,6 @@ int tls1_change_cipher_state(SSL *s, int which)
 
        if (reuse_dd)
                EVP_CIPHER_CTX_cleanup(dd);
 
        if (reuse_dd)
                EVP_CIPHER_CTX_cleanup(dd);

-       EVP_CIPHER_CTX_init(dd);

 
        p=s->s3->tmp.key_block;
        i=EVP_MD_size(m);
 
        p=s->s3->tmp.key_block;
        i=EVP_MD_size(m);