diff options
author | Philippe Antoine <p.antoine@catenacyber.fr> | 2023-02-09 15:21:59 +0100 |
---|---|---|
committer | Todd Short <todd.short@me.com> | 2023-02-20 10:04:30 -0500 |
commit | 1dbfd7fe24bcd50117bc57942b2046e483a3c5a5 (patch) | |
tree | a87f7def7c7d3ff9d9984aaf049a733c1af72556 /ssl | |
parent | c4a44e7b84c5371e6f1ac1e0a80d5fc737b2dc1c (diff) |
fuzz: fix coverity warnings
introduced by 2b9e2afc382490592078cdb69d06f54f0fefd4c6
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20253)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/record/methods/tls_common.c | 3 | ||||
-rw-r--r-- | ssl/statem/extensions_srvr.c | 2 | ||||
-rw-r--r-- | ssl/statem/statem_lib.c | 2 |
3 files changed, 4 insertions, 3 deletions
diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index 69745f902b..ab19059030 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -865,7 +865,8 @@ int tls_get_more_records(OSSL_RECORD_LAYER *rl) if (thisrr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size) enc_err = 0; #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION - if (enc_err == 0 && mac_size > 0 && (md[0] ^ thismb->mac[0]) != 0xFF) { + if (enc_err == 0 && mac_size > 0 && thismb != NULL && + thismb->mac != NULL && (md[0] ^ thismb->mac[0]) != 0xFF) { enc_err = 1; } #endif diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 0af0d2fe62..a0a48e405f 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -63,7 +63,7 @@ int tls_parse_ctos_renegotiate(SSL_CONNECTION *s, PACKET *pkt, s->s3.previous_client_finished_len); #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION if (ok) { - if (data[0] ^ s->s3.previous_client_finished[0] != 0xFF) { + if ((data[0] ^ s->s3.previous_client_finished[0]) != 0xFF) { ok = 0; } } diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 1812ca63d1..88f3b94f2e 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -836,7 +836,7 @@ MSG_PROCESS_RETURN tls_process_finished(SSL_CONNECTION *s, PACKET *pkt) md_len); #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION if (ok != 0) { - if (PACKET_data(pkt)[0] ^ s->s3.tmp.peer_finish_md[0] != 0xFF) { + if ((PACKET_data(pkt)[0] ^ s->s3.tmp.peer_finish_md[0]) != 0xFF) { ok = 0; } } |