Add checks to the return value of EVP_Cipher to prevent silent encryption failure.

PR#1767 Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 244d0955adc027c0f41a3251e55d145bf940f9ce)
author: Matt Caswell <matt@openssl.org> 2014-11-18 12:56:26 +0000
committer: Matt Caswell <matt@openssl.org> 2014-11-27 21:58:31 +0000
commit: 6ff76b334786a9e356ee1c731b2f233f4470f6e6 (patch)
tree: 5d2fc16aee46c00d49f935182d9eae33583f6daa /ssl/s3_enc.c
parent: 3b125151809e4da36f2535848572d6adaf37f729 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 9a494f3063..2ba52c45a1 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -534,7 +534,8 @@ int ssl3_enc(SSL *s, int send)
 			/* otherwise, rec->length >= bs */
 			}
 		
-		EVP_Cipher(ds,rec->data,rec->input,l);
+		if(EVP_Cipher(ds,rec->data,rec->input,l) < 1)
+			return -1;
 
 		if (EVP_MD_CTX_md(s->read_hash) != NULL)
 			mac_size = EVP_MD_CTX_size(s->read_hash);
author	Matt Caswell <matt@openssl.org>	2014-11-18 12:56:26 +0000
committer	Matt Caswell <matt@openssl.org>	2014-11-27 21:58:31 +0000
commit	6ff76b334786a9e356ee1c731b2f233f4470f6e6 (patch)
tree	5d2fc16aee46c00d49f935182d9eae33583f6daa /ssl/s3_enc.c
parent	3b125151809e4da36f2535848572d6adaf37f729 (diff)