ensure that the EVP_CIPHER_CTX object is initialized

PR: 1490

diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
index 18882bf70487f56bf73abff5b6b3a36ccaf849b4..1f62acd5b1e6fb1199c350ffe2452e8c51689a7b 100644 (file)
--- a/ssl/s2_enc.c
+++ b/ssl/s2_enc.c
@@ -82,15 +82,18 @@ int ssl2_enc_init(SSL *s, int client)
                ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
                OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
                goto err;
+
+       /* make sure it's intialized in case the malloc for enc_write_ctx fails
+        * and we exit with an error */
+       rs= s->enc_read_ctx;
+       EVP_CIPHER_CTX_init(rs);
+
        if ((s->enc_write_ctx == NULL) &&
                ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
                OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
                goto err;
 
-       rs= s->enc_read_ctx;
        ws= s->enc_write_ctx;
-
-       EVP_CIPHER_CTX_init(rs);
        EVP_CIPHER_CTX_init(ws);
 
        num=c->key_len;

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 561a9846e97432d3356bd1795e9f9802d1dd9d62..2859351b001f6343d72b2adf4023f3bf6a74474b 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -221,6 +221,9 @@ int ssl3_change_cipher_state(SSL *s, int which)
                        reuse_dd = 1;
                else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;
+               else
+                       /* make sure it's intialized in case we exit later with an error */
+                       EVP_CIPHER_CTX_init(s->enc_read_ctx);
                dd= s->enc_read_ctx;
                s->read_hash=m;
 #ifndef OPENSSL_NO_COMP
@@ -254,6 +257,9 @@ int ssl3_change_cipher_state(SSL *s, int which)
                        reuse_dd = 1;
                else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;
+               else
+                       /* make sure it's intialized in case we exit later with an error */
+                       EVP_CIPHER_CTX_init(s->enc_write_ctx);
                dd= s->enc_write_ctx;
                s->write_hash=m;
 #ifndef OPENSSL_NO_COMP
@@ -279,7 +285,6 @@ int ssl3_change_cipher_state(SSL *s, int which)
 
        if (reuse_dd)
                EVP_CIPHER_CTX_cleanup(dd);
-       EVP_CIPHER_CTX_init(dd);
 
        p=s->s3->tmp.key_block;
        i=EVP_MD_size(m);

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index e0ce681574b9b3bf44c292646f14218ff5d5eead..68448b98caca2c10512d2b194adc11d3896d9eef 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -267,6 +267,9 @@ int tls1_change_cipher_state(SSL *s, int which)
                        reuse_dd = 1;
                else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;
+               else
+                       /* make sure it's intialized in case we exit later with an error */
+                       EVP_CIPHER_CTX_init(s->enc_read_ctx);
                dd= s->enc_read_ctx;
                s->read_hash=m;
 #ifndef OPENSSL_NO_COMP
@@ -301,10 +304,9 @@ int tls1_change_cipher_state(SSL *s, int which)
                        reuse_dd = 1;
                else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
                        goto err;
-               if ((s->enc_write_ctx == NULL) &&
-                       ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
-                       OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
-                       goto err;
+               else
+                       /* make sure it's intialized in case we exit later with an error */
+                       EVP_CIPHER_CTX_init(s->enc_write_ctx);
                dd= s->enc_write_ctx;
                s->write_hash=m;
 #ifndef OPENSSL_NO_COMP
@@ -331,7 +333,6 @@ int tls1_change_cipher_state(SSL *s, int which)
 
        if (reuse_dd)
                EVP_CIPHER_CTX_cleanup(dd);
-       EVP_CIPHER_CTX_init(dd);
 
        p=s->s3->tmp.key_block;
        i=EVP_MD_size(m);