summaryrefslogtreecommitdiffstats
path: root/ssl/t1_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'ssl/t1_lib.c')
-rw-r--r--ssl/t1_lib.c18
1 files changed, 14 insertions, 4 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 3e01b6af6a..5568df660c 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3849,7 +3849,10 @@ int tls1_process_heartbeat(SSL *s)
memcpy(bp, pl, payload);
bp += payload;
/* Random padding */
- RAND_pseudo_bytes(bp, padding);
+ if(RAND_pseudo_bytes(bp, padding) < 0) {
+ OPENSSL_free(buffer);
+ return -1;
+ }
r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer,
3 + payload + padding);
@@ -3884,7 +3887,7 @@ int tls1_process_heartbeat(SSL *s)
int tls1_heartbeat(SSL *s)
{
unsigned char *buf, *p;
- int ret;
+ int ret = -1;
unsigned int payload = 18; /* Sequence number + random bytes */
unsigned int padding = 16; /* Use minimum padding */
@@ -3932,10 +3935,16 @@ int tls1_heartbeat(SSL *s)
/* Sequence number */
s2n(s->tlsext_hb_seq, p);
/* 16 random bytes */
- RAND_pseudo_bytes(p, 16);
+ if(RAND_pseudo_bytes(p, 16) < 0) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
p += 16;
/* Random padding */
- RAND_pseudo_bytes(p, padding);
+ if(RAND_pseudo_bytes(p, padding) < 0) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
if (ret >= 0) {
@@ -3947,6 +3956,7 @@ int tls1_heartbeat(SSL *s)
s->tlsext_hb_pending = 1;
}
+err:
OPENSSL_free(buf);
return ret;
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-22 14:09:41 +0000