From: Matt Caswell <matt@openssl.org>
Date: Mon, 3 Aug 2015 16:20:07 +0000 (+0100)
Subject: Add missing return check for PACKET_buf_init
X-Git-Tag: OpenSSL_1_1_0-pre1~816
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f9f6053442a2918d0445866252256b2cb54a1187;p=openssl

Add missing return check for PACKET_buf_init

The new ClientHello PACKET code is missing a return value check.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
---

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index acb2fa94bc..c723ea0f2d 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -874,7 +874,11 @@ int ssl3_get_client_hello(SSL *s)
     if (!ok)
         return ((int)n);
     s->first_packet = 0;
-    PACKET_buf_init(&pkt, s->init_msg, n);
+    if (!PACKET_buf_init(&pkt, s->init_msg, n)) {
+        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+        al = SSL_AD_INTERNAL_ERROR;
+        goto f_err;
+    }
 
     /* First lets get s->client_version set correctly */
     if (RECORD_LAYER_is_sslv2_record(&s->rlayer)) {