[openssl] master update
tomas at openssl.org
tomas at openssl.org
Tue Jun 1 14:44:02 UTC 2021
The branch master has been updated
via 147ed5f9def86840c9f6ba512e63a890d58ac1d6 (commit)
from 7e8d6bafd0347de8653c336e6f067d8f3686a386 (commit)
- Log -----------------------------------------------------------------
commit 147ed5f9def86840c9f6ba512e63a890d58ac1d6
Author: Trev Larock <tlarock at juniper.net>
Date: Fri May 28 12:54:44 2021 +0000
Modify ssl_handshake_hash to call SSLfatal
When EVP_MD_CTX_new fails call SSLfatal before the goto err.
This resolves a state machine issue on the out of memory condition.
Fixes #15491.
CLA: trivial
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15520)
-----------------------------------------------------------------------
Summary of changes:
ssl/ssl_lib.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index c8ab4a66a0..063134015a 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -4773,8 +4773,10 @@ int ssl_handshake_hash(SSL *s, unsigned char *out, size_t outlen,
}
ctx = EVP_MD_CTX_new();
- if (ctx == NULL)
+ if (ctx == NULL) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
+ }
if (!EVP_MD_CTX_copy_ex(ctx, hdgst)
|| EVP_DigestFinal_ex(ctx, out, NULL) <= 0) {
More information about the openssl-commits
mailing list