summaryrefslogtreecommitdiffstats
path: root/ssl/d1_both.c
diff options
context:
space:
mode:
Diffstat (limited to 'ssl/d1_both.c')
-rw-r--r--ssl/d1_both.c14
1 files changed, 10 insertions, 4 deletions
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 21048003bc..d4150cb58d 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -1420,7 +1420,10 @@ int dtls1_process_heartbeat(SSL *s)
memcpy(bp, pl, payload);
bp += payload;
/* Random padding */
- RAND_pseudo_bytes(bp, padding);
+ if(RAND_pseudo_bytes(bp, padding) < 0) {
+ OPENSSL_free(buffer);
+ return -1;
+ }
r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
@@ -1454,7 +1457,7 @@ int dtls1_process_heartbeat(SSL *s)
int dtls1_heartbeat(SSL *s)
{
unsigned char *buf, *p;
- int ret;
+ int ret = -1;
unsigned int payload = 18; /* Sequence number + random bytes */
unsigned int padding = 16; /* Use minimum padding */
@@ -1502,10 +1505,12 @@ int dtls1_heartbeat(SSL *s)
/* Sequence number */
s2n(s->tlsext_hb_seq, p);
/* 16 random bytes */
- RAND_pseudo_bytes(p, 16);
+ if(RAND_pseudo_bytes(p, 16) < 0)
+ goto err;
p += 16;
/* Random padding */
- RAND_pseudo_bytes(p, padding);
+ if(RAND_pseudo_bytes(p, padding) < 0)
+ goto err;
ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
if (ret >= 0) {
@@ -1518,6 +1523,7 @@ int dtls1_heartbeat(SSL *s)
s->tlsext_hb_pending = 1;
}
+err:
OPENSSL_free(buf);
return ret;
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-22 13:30:25 +0000