Modify ssl_handshake_hash to call SSLfatal

When EVP_MD_CTX_new fails call SSLfatal before the goto err. This resolves a state machine issue on the out of memory condition: ssl/statem/statem.c:643: OpenSSL internal error: Assertion failed: (s)->statem.in_init && (s)->statem.state == MSG_FLOW_ERROR Fixes #15491. CLA: trivial Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15511)
author: Trev Larock <tlarock@juniper.net> 2021-05-28 02:26:41 +0000
committer: Tomas Mraz <tomas@openssl.org> 2021-06-02 09:59:30 +0200
commit: 5b74c197f315fe1e6591876aaa82e275e4f05f54 (patch)
tree: 07a005a537d5666649692ad47010a7571c42d801 /ssl/ssl_lib.c
parent: 3ee328ab9eff0bf0c86d07b24555a81f403d2ecb (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 5501ecdb58..e1c95ddc60 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -4557,8 +4557,11 @@ int ssl_handshake_hash(SSL *s, unsigned char *out, size_t outlen,
     }
 
     ctx = EVP_MD_CTX_new();
-    if (ctx == NULL)
+    if (ctx == NULL) {
+        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_HANDSHAKE_HASH,
+                 ERR_R_INTERNAL_ERROR);
         goto err;
+    }
 
     if (!EVP_MD_CTX_copy_ex(ctx, hdgst)
         || EVP_DigestFinal_ex(ctx, out, NULL) <= 0) {
author	Trev Larock <tlarock@juniper.net>	2021-05-28 02:26:41 +0000
committer	Tomas Mraz <tomas@openssl.org>	2021-06-02 09:59:30 +0200
commit	5b74c197f315fe1e6591876aaa82e275e4f05f54 (patch)
tree	07a005a537d5666649692ad47010a7571c42d801 /ssl/ssl_lib.c
parent	3ee328ab9eff0bf0c86d07b24555a81f403d2ecb (diff)