From f0cdf6d09bc943ca56c5f264a00b63898cd1203f Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 11 Aug 2015 19:36:43 +0100 Subject: Fix missing return value checks in SCTP There are some missing return value checks in the SCTP code. In master this was causing a compilation failure when config'd with "--strict-warnings sctp". Reviewed-by: Tim Hudson (cherry picked from commit d8e8590ed90eba6ef651d09d77befb14f980de2c) --- ssl/d1_clnt.c | 16 ++++++++++++---- ssl/d1_srvr.c | 18 +++++++++++++----- 2 files changed, 25 insertions(+), 9 deletions(-) diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index 4c2ccbf..c84df98 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -366,11 +366,15 @@ int dtls1_connect(SSL *s) sizeof(DTLS1_SCTP_AUTH_LABEL), DTLS1_SCTP_AUTH_LABEL); - SSL_export_keying_material(s, sctpauthkey, + if (SSL_export_keying_material(s, sctpauthkey, sizeof(sctpauthkey), labelbuffer, sizeof(labelbuffer), NULL, 0, - 0); + 0) <= 0) { + ret = -1; + s->state = SSL_ST_ERR; + goto end; + } BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY, @@ -500,9 +504,13 @@ int dtls1_connect(SSL *s) snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL), DTLS1_SCTP_AUTH_LABEL); - SSL_export_keying_material(s, sctpauthkey, + if (SSL_export_keying_material(s, sctpauthkey, sizeof(sctpauthkey), labelbuffer, - sizeof(labelbuffer), NULL, 0, 0); + sizeof(labelbuffer), NULL, 0, 0) <= 0) { + ret = -1; + s->state = SSL_ST_ERR; + goto end; + } BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY, sizeof(sctpauthkey), sctpauthkey); diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index 655333a..6c3bfb8 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -421,9 +421,13 @@ int dtls1_accept(SSL *s) snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL), DTLS1_SCTP_AUTH_LABEL); - SSL_export_keying_material(s, sctpauthkey, - sizeof(sctpauthkey), labelbuffer, - sizeof(labelbuffer), NULL, 0, 0); + if (SSL_export_keying_material(s, sctpauthkey, + sizeof(sctpauthkey), labelbuffer, + sizeof(labelbuffer), NULL, 0, 0) <= 0) { + ret = -1; + s->state = SSL_ST_ERR; + goto end; + } BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY, sizeof(sctpauthkey), sctpauthkey); @@ -635,9 +639,13 @@ int dtls1_accept(SSL *s) snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL), DTLS1_SCTP_AUTH_LABEL); - SSL_export_keying_material(s, sctpauthkey, + if (SSL_export_keying_material(s, sctpauthkey, sizeof(sctpauthkey), labelbuffer, - sizeof(labelbuffer), NULL, 0, 0); + sizeof(labelbuffer), NULL, 0, 0) <= 0) { + ret = -1; + s->state = SSL_ST_ERR; + goto end; + } BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY, sizeof(sctpauthkey), sctpauthkey); -- 1.7.12.1