Check return value of ssl3_output_cert_chain

(cherry picked from commit 66f96fe2d519147097c118d4bf60704c69ed0635) Reviewed-by: Tim Hudson <tjh@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2014-03-18 14:19:22 +0000
committer: Matt Caswell <matt@openssl.org> 2014-12-16 15:01:29 +0000
commit: c8667a2e462c3e9e2c4fe1dc170b9b157d9ba938 (patch)
tree: 75471657087e6c77acda4820a6e10e31f563966e /ssl
parent: 5ee441162e3a5a236429f43d5c352beb5eb29cc3 (diff)
2 files changed, 12 insertions, 3 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index b16b3c44c0..2b9fdb0599 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -3470,8 +3470,13 @@ int ssl3_send_client_certificate(SSL *s)
 	if (s->state == SSL3_ST_CW_CERT_C)
 		{
 		s->state=SSL3_ST_CW_CERT_D;
-		ssl3_output_cert_chain(s,
-			(s->s3->tmp.cert_req == 2)?NULL:s->cert->key);
+		if (!ssl3_output_cert_chain(s,
+			(s->s3->tmp.cert_req == 2)?NULL:s->cert->key))
+			{
+			SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
+			return 0;
+			}
 		}
 	/* SSL3_ST_CW_CERT_D */
 	return ssl_do_write(s);
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index a4342ba83f..83d110fcc7 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -3450,7 +3450,11 @@ int ssl3_send_server_certificate(SSL *s)
 				}
 			}
 
-		ssl3_output_cert_chain(s,cpk);
+		if (!ssl3_output_cert_chain(s,cpk))
+			{
+			SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+			return(0);
+			}
 		s->state=SSL3_ST_SW_CERT_B;
 		}
author	Dr. Stephen Henson <steve@openssl.org>	2014-03-18 14:19:22 +0000
committer	Matt Caswell <matt@openssl.org>	2014-12-16 15:01:29 +0000
commit	c8667a2e462c3e9e2c4fe1dc170b9b157d9ba938 (patch)
tree	75471657087e6c77acda4820a6e10e31f563966e /ssl
parent	5ee441162e3a5a236429f43d5c352beb5eb29cc3 (diff)