diff options
author | Matt Caswell <matt@openssl.org> | 2014-11-18 12:56:26 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2014-11-27 21:58:31 +0000 |
commit | 6ff76b334786a9e356ee1c731b2f233f4470f6e6 (patch) | |
tree | 5d2fc16aee46c00d49f935182d9eae33583f6daa /ssl/s3_enc.c | |
parent | 3b125151809e4da36f2535848572d6adaf37f729 (diff) |
Add checks to the return value of EVP_Cipher to prevent silent encryption failure.
PR#1767
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 244d0955adc027c0f41a3251e55d145bf940f9ce)
Diffstat (limited to 'ssl/s3_enc.c')
-rw-r--r-- | ssl/s3_enc.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 9a494f3063..2ba52c45a1 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -534,7 +534,8 @@ int ssl3_enc(SSL *s, int send) /* otherwise, rec->length >= bs */ } - EVP_Cipher(ds,rec->data,rec->input,l); + if(EVP_Cipher(ds,rec->data,rec->input,l) < 1) + return -1; if (EVP_MD_CTX_md(s->read_hash) != NULL) mac_size = EVP_MD_CTX_size(s->read_hash); |