check return values for EVP_Digest*() APIs

Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2016-06-18 15:46:13 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2016-07-15 14:09:05 +0100
commit: d166ed8c11e10e9fdaeac182effb9dd318843924 (patch)
tree: fd47ffb1f5d42b121b04d14c1a8f6bdc659637f6 /ssl/s3_cbc.c
parent: 1fc431ba57d12189a9bdacd3999ea2a7b91458d8 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index 7cdabbb761..febd88a117 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -490,13 +490,13 @@ err:
  * digesting additional data.
  */
 
-void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
+int tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
                            EVP_MD_CTX *mac_ctx, const unsigned char *data,
                            size_t data_len, size_t orig_len)
 {
     size_t block_size, digest_pad, blocks_data, blocks_orig;
     if (EVP_CIPHER_CTX_mode(cipher_ctx) != EVP_CIPH_CBC_MODE)
-        return;
+        return 1;
     block_size = EVP_MD_CTX_block_size(mac_ctx);
     /*-
      * We are in FIPS mode if we get this far so we know we have only SHA*
@@ -526,6 +526,6 @@ void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
      * The "data" pointer should always have enough space to perform this
      * operation as it is large enough for a maximum length TLS buffer.
      */
-    EVP_DigestSignUpdate(mac_ctx, data,
-                         (blocks_orig - blocks_data + 1) * block_size);
+    return EVP_DigestSignUpdate(mac_ctx, data,
+                                (blocks_orig - blocks_data + 1) * block_size);
 }
author	Dr. Stephen Henson <steve@openssl.org>	2016-06-18 15:46:13 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2016-07-15 14:09:05 +0100
commit	d166ed8c11e10e9fdaeac182effb9dd318843924 (patch)
tree	fd47ffb1f5d42b121b04d14c1a8f6bdc659637f6 /ssl/s3_cbc.c
parent	1fc431ba57d12189a9bdacd3999ea2a7b91458d8 (diff)