From: Matt Caswell <matt@openssl.org>
Date: Fri, 30 Oct 2015 16:50:17 +0000 (+0000)
Subject: Remove an OPENSSL_assert which could fail
X-Git-Tag: OpenSSL_1_1_0-pre1~318
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6929b4477b83c8e759ccc5dbc9483095e1c5a146;p=openssl

Remove an OPENSSL_assert which could fail

An OPENSSL_assert was being used which could fail (e.g. on a malloc
failure).

Reviewed-by: Rich Salz <rsalz@openssl.org>
---

diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index 86aaf4fcd8..359d247bbb 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -954,7 +954,8 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
         EVP_DigestSignUpdate(mac_ctx, header, sizeof(header));
         EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length);
         t = EVP_DigestSignFinal(mac_ctx, md, &md_size);
-        OPENSSL_assert(t > 0);
+        if (t <= 0)
+            return -1;
         if (!send && !SSL_USE_ETM(ssl) && FIPS_mode())
             tls_fips_digest_extra(ssl->enc_read_ctx,
                                   mac_ctx, rec->input,