Fixed missing return value checks. (eadf70d2) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/t1_enc.c

+17 −9

Original line number	Diff line number	Diff line
		@@ -548,16 +548,24 @@ int tls1_change_cipher_state(SSL *s, int which)
		#endif /* KSSL_DEBUG */

		if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
		EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE));
		EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, k, iv);
		} else
		EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE));

		if (!EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE))
		\|\| !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, k, iv)) {
		SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
		goto err2;
		}
		} else {
		if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE))) {
		SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
		goto err2;
		}
		}
		/* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */
		if ((EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size)
		EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,
		*mac_secret_size, mac_secret);

		if ((EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size
		&& !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,
		*mac_secret_size, mac_secret)) {
		SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
		goto err2;
		}
		#ifdef OPENSSL_SSL_TRACE_CRYPTO
		if (s->msg_callback) {
		int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0;