Assert that SSLfatal() only gets called once

We shouldn't call SSLfatal() multiple times for the same error condition. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4778)
author: Matt Caswell <matt@openssl.org> 2017-11-23 12:33:11 +0000
committer: Matt Caswell <matt@openssl.org> 2017-12-04 13:31:48 +0000
commit: f9f674eb76a7c00e3f158f673a7ec01286b02907 (patch)
tree: acaa9d9ffd0f28c2c7e62d71a8c090cb8662c4ca /ssl/statem/statem.c
parent: 47e2ee072290db534720565318f0a8110a2e7d92 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index 5c158fa24d..fe348419cd 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -11,6 +11,7 @@
 #include <openssl/rand.h>
 #include "../ssl_locl.h"
 #include "statem_locl.h"
+#include <assert.h>
 
 /*
  * This file implements the SSL/TLS/DTLS state machines.
@@ -117,6 +118,8 @@ void ossl_statem_set_renegotiate(SSL *s)
 void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file,
                        int line)
 {
+    /* We shouldn't call SSLfatal() twice. Once is enough */
+    assert(s->statem.state != MSG_FLOW_ERROR);
     s->statem.in_init = 1;
     s->statem.state = MSG_FLOW_ERROR;
     ERR_put_error(ERR_LIB_SSL, func, reason, file, line);
author	Matt Caswell <matt@openssl.org>	2017-11-23 12:33:11 +0000
committer	Matt Caswell <matt@openssl.org>	2017-12-04 13:31:48 +0000
commit	f9f674eb76a7c00e3f158f673a7ec01286b02907 (patch)
tree	acaa9d9ffd0f28c2c7e62d71a8c090cb8662c4ca /ssl/statem/statem.c
parent	47e2ee072290db534720565318f0a8110a2e7d92 (diff)