[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Thu Aug 13 19:37:31 UTC 2015
The branch master has been updated
via bc6616a4347d4c30bce1d1918da09f09f84c0403 (commit)
via f9f6053442a2918d0445866252256b2cb54a1187 (commit)
from cc2829e6641092abed8360433dbe67e883fd1cc6 (commit)
- Log -----------------------------------------------------------------
commit bc6616a4347d4c30bce1d1918da09f09f84c0403
Author: Matt Caswell <matt at openssl.org>
Date: Mon Aug 3 17:20:47 2015 +0100
Enhance PACKET readability
Enhance the PACKET code readability, and fix a stale comment. Thanks
to Ben Kaduk (bkaduk at akamai.com) for pointing this out.
Reviewed-by: Emilia Käsper <emilia at openssl.org>
commit f9f6053442a2918d0445866252256b2cb54a1187
Author: Matt Caswell <matt at openssl.org>
Date: Mon Aug 3 17:20:07 2015 +0100
Add missing return check for PACKET_buf_init
The new ClientHello PACKET code is missing a return value check.
Reviewed-by: Emilia Käsper <emilia at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
ssl/packet_locl.h | 3 +--
ssl/s3_srvr.c | 8 ++++++--
ssl/t1_lib.c | 4 ++--
test/packettest.c | 2 +-
4 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/ssl/packet_locl.h b/ssl/packet_locl.h
index 80d0b93..a5e4d00 100644
--- a/ssl/packet_locl.h
+++ b/ssl/packet_locl.h
@@ -80,8 +80,7 @@ typedef struct {
} PACKET;
/*
- * Returns 1 if there are exactly |len| bytes left to be read from |pkt|
- * and 0 otherwise
+ * Returns the number of bytes remaining to be read in the PACKET
*/
__owur static inline size_t PACKET_remaining(PACKET *pkt)
{
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index acb2fa9..a015a49 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -874,7 +874,11 @@ int ssl3_get_client_hello(SSL *s)
if (!ok)
return ((int)n);
s->first_packet = 0;
- PACKET_buf_init(&pkt, s->init_msg, n);
+ if (!PACKET_buf_init(&pkt, s->init_msg, n)) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
/* First lets get s->client_version set correctly */
if (RECORD_LAYER_is_sslv2_record(&s->rlayer)) {
@@ -1055,7 +1059,7 @@ int ssl3_get_client_hello(SSL *s)
memset(s->s3->client_random, 0, SSL3_RANDOM_SIZE);
if (!PACKET_peek_copy_bytes(&pkt, s->s3->client_random, i)
|| !PACKET_forward(&pkt, cl)
- || !PACKET_remaining(&pkt) == 0) {
+ || PACKET_remaining(&pkt) != 0) {
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_RECORD_LENGTH_MISMATCH);
al = SSL_AD_DECODE_ERROR;
goto f_err;
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ece2b72..e37411c 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2036,7 +2036,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al)
}
}
/* We shouldn't have any bytes left */
- if (PACKET_remaining(&ssubpkt))
+ if (PACKET_remaining(&ssubpkt) != 0)
goto err;
}
@@ -2140,7 +2140,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al)
|| (dsize & 1) != 0
|| (dsize == 0)
|| !PACKET_get_bytes(&subpkt, &data, dsize)
- || PACKET_remaining(&subpkt)
+ || PACKET_remaining(&subpkt) != 0
|| !tls1_save_sigalgs(s, data, dsize)) {
goto err;
}
diff --git a/test/packettest.c b/test/packettest.c
index d6d0c08..c3ac53b 100644
--- a/test/packettest.c
+++ b/test/packettest.c
@@ -67,7 +67,7 @@ static int test_PACKET_remaining(PACKET *pkt)
|| !PACKET_forward(pkt, BUF_LEN - 1)
|| PACKET_remaining(pkt) != 1
|| !PACKET_forward(pkt, 1)
- || PACKET_remaining(pkt)) {
+ || PACKET_remaining(pkt) != 0) {
fprintf(stderr, "test_PACKET_remaining() failed\n");
return 0;
}
More information about the openssl-commits
mailing list