diff options
author | slontis <shane.lontis@oracle.com> | 2022-07-12 14:28:37 +1000 |
---|---|---|
committer | Hugo Landau <hlandau@openssl.org> | 2022-07-13 08:03:17 +0100 |
commit | ea9e16d16b17d9aa1544e54e79c6438aef9b2e6e (patch) | |
tree | 05d6cb29aceac21449ceb12073f1c31a5d857cd6 /ssl/statem/statem_clnt.c | |
parent | c060c040367e4e2dc44b027d4e52163376f40777 (diff) |
Check for EVP_MD being NULL inside ssl.
Fix multiple places that could potentially segfault if memory
allocations fail. e.g. ssl_load_ciphers() could fail while calling
ssl_evp_md_fetch().
Found by #18355
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18784)
(cherry picked from commit b740012f77aed97cb4b3cd8a4f1fb2f668542795)
Diffstat (limited to 'ssl/statem/statem_clnt.c')
-rw-r--r-- | ssl/statem/statem_clnt.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index b59eddae33..3af7234342 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1346,12 +1346,14 @@ static int set_client_ciphersuite(SSL *s, const unsigned char *cipherchars) s->session->cipher_id = s->session->cipher->id; if (s->hit && (s->session->cipher_id != c->id)) { if (SSL_IS_TLS13(s)) { + const EVP_MD *md = ssl_md(s->ctx, c->algorithm2); + /* * In TLSv1.3 it is valid for the server to select a different * ciphersuite as long as the hash is the same. */ - if (ssl_md(s->ctx, c->algorithm2) - != ssl_md(s->ctx, s->session->cipher->algorithm2)) { + if (md == NULL + || md != ssl_md(s->ctx, s->session->cipher->algorithm2)) { SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED); return 0; |