[openssl-commits] [openssl] OpenSSL_1_1_1-stable update

[Andy Polyakov]

The branch OpenSSL_1_1_1-stable has been updated
       via  7055086185dba1c509887cdaacdc6cd59a8dd9ea (commit)
      from  7ed9ad1cc3fadcaac7815e588e23a3ad16379697 (commit)


- Log -----------------------------------------------------------------
commit 7055086185dba1c509887cdaacdc6cd59a8dd9ea
Author: Andy Polyakov <appro at openssl.org>
Date:   Sun Sep 2 13:07:58 2018 +0200

    ssl/s3_enc.c: fix logical errors in ssl3_final_finish_mac.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/7085)
    
    (cherry picked from commit 7d0effeacbb50b12bfc24df7614d7cf5c8686f51)

-----------------------------------------------------------------------

Summary of changes:
 ssl/s3_enc.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 5f40381..fca84ef 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -442,15 +442,16 @@ size_t ssl3_final_finish_mac(SSL *s, const char *sender, size_t len,
     if (!EVP_MD_CTX_copy_ex(ctx, s->s3->handshake_dgst)) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC,
                  ERR_R_INTERNAL_ERROR);
-        return 0;
+        ret = 0;
+        goto err;
     }
 
     ret = EVP_MD_CTX_size(ctx);
     if (ret < 0) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_FINAL_FINISH_MAC,
                  ERR_R_INTERNAL_ERROR);
-        EVP_MD_CTX_reset(ctx);
-        return 0;
+        ret = 0;
+        goto err;
     }
 
     if ((sender != NULL && EVP_DigestUpdate(ctx, sender, len) <= 0)
@@ -463,6 +464,7 @@ size_t ssl3_final_finish_mac(SSL *s, const char *sender, size_t len,
         ret = 0;
     }
 
+ err:
     EVP_MD_CTX_free(ctx);
 
     return ret;