Deal with the unlikely event that EVP_MD_CTX_size() returns an error.

(Coverity ID 140).
author: Ben Laurie <ben@openssl.org> 2008-12-27 02:09:24 +0000
committer: Ben Laurie <ben@openssl.org> 2008-12-27 02:09:24 +0000
commit: 9b9cb004f755ea2add69f2d9df6468c331fef4f8 (patch)
tree: 19f7a7ef3e6735f0cc726139d594ed582eb19fa8 /ssl/d1_pkt.c
parent: 6ba71a71732b1e0ae9289ad7cceafcde91ec76ea (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 9e38cb5bf9..75c2b63f3e 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -428,6 +428,12 @@ printf("\n");
 	if (!clear)
 		{
 		mac_size=EVP_MD_CTX_size(s->read_hash);
+		if (mac_size <= 0)
+			{
+			al=SSL_AD_INTERNAL_ERROR;
+			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_BAD_MAC_LENGTH);
+			goto f_err;
+			}
 
 		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)
 			{
author	Ben Laurie <ben@openssl.org>	2008-12-27 02:09:24 +0000
committer	Ben Laurie <ben@openssl.org>	2008-12-27 02:09:24 +0000
commit	9b9cb004f755ea2add69f2d9df6468c331fef4f8 (patch)
tree	19f7a7ef3e6735f0cc726139d594ed582eb19fa8 /ssl/d1_pkt.c
parent	6ba71a71732b1e0ae9289ad7cceafcde91ec76ea (diff)