diff options
Diffstat (limited to 'ssl/statem/statem_clnt.c')
-rw-r--r-- | ssl/statem/statem_clnt.c | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 4684098250..330cee13fc 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2213,7 +2213,7 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt) s->session->tlsext_ticklen = 0; s->session->tlsext_tick = OPENSSL_malloc(ticklen); - if (!s->session->tlsext_tick) { + if (s->session->tlsext_tick == NULL) { SSLerr(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE); goto err; } @@ -2267,7 +2267,7 @@ MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, PACKET *pkt) } OPENSSL_free(s->tlsext_ocsp_resp); s->tlsext_ocsp_resp = OPENSSL_malloc(resplen); - if (!s->tlsext_ocsp_resp) { + if (s->tlsext_ocsp_resp == NULL) { al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS, ERR_R_MALLOC_FAILURE); goto f_err; @@ -2451,7 +2451,7 @@ psk_err: RSA *rsa; pmslen = SSL_MAX_MASTER_KEY_LENGTH; pms = OPENSSL_malloc(pmslen); - if (!pms) + if (pms == NULL) goto memerr; if (s->session->peer == NULL) { @@ -2553,7 +2553,7 @@ psk_err: pmslen = DH_size(dh_clnt); pms = OPENSSL_malloc(pmslen); - if (!pms) + if (pms == NULL) goto memerr; /* @@ -2693,7 +2693,7 @@ psk_err: } pmslen = (field_size + 7) / 8; pms = OPENSSL_malloc(pmslen); - if (!pms) + if (pms == NULL) goto memerr; n = ECDH_compute_key(pms, pmslen, srvr_ecpoint, clnt_ecdh, NULL); if (n <= 0 || pmslen != (size_t)n) { @@ -2758,7 +2758,7 @@ psk_err: pmslen = 32; pms = OPENSSL_malloc(pmslen); - if (!pms) + if (pms == NULL) goto memerr; /* @@ -2773,6 +2773,11 @@ psk_err: pkey_ctx = EVP_PKEY_CTX_new(pub_key = X509_get_pubkey(peer_cert), NULL); + if (pkey_ctx == NULL) { + SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, + ERR_R_MALLOC_FAILURE); + goto err; + } /* * If we have send a certificate, and certificate key * @@ -2989,8 +2994,12 @@ int tls_construct_client_verify(SSL *s) p = ssl_handshake_start(s); pkey = s->cert->key->privatekey; -/* Create context from key and test if sha1 is allowed as digest */ + /* Create context from key and test if sha1 is allowed as digest */ pctx = EVP_PKEY_CTX_new(pkey, NULL); + if (pctx == NULL) { + SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; + } EVP_PKEY_sign_init(pctx); if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) { if (!SSL_USE_SIGALGS(s)) |