Skip to content

Commit

Permalink
Do not use RLAYERfatal on NULL RLAYER
Browse files Browse the repository at this point in the history 
or on record layer that is to be freed anyway.

Fixes Coverity CID 1509402, 1509403

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from #19027)
  • Loading branch information
@t8m
t8m committed Aug 23, 2022
1 parent eb7a5cc commit 7b7ad9e
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 15 deletions.
2 changes: 1 addition & 1 deletion ssl/record/methods/dtls_meth.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -651,7 +651,7 @@ dtls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
|| (*retrl)->processed_rcds.q == NULL) {
dtls_free(*retrl);
*retrl = NULL;
RLAYERfatal(*retrl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
return OSSL_RECORD_RETURN_FATAL;
}

Expand Down
22 changes: 8 additions & 14 deletions ssl/record/methods/tls_common.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1059,7 +1059,7 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
*retrl = NULL;

if (rl == NULL) {
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
return OSSL_RECORD_RETURN_FATAL;
}

Expand All @@ -1068,41 +1068,35 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
for (p = settings; p->key != NULL; p++) {
if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_USE_ETM) == 0) {
if (!OSSL_PARAM_get_int(p, &rl->use_etm)) {
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,
SSL_R_FAILED_TO_GET_PARAMETER);
ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER);
goto err;
}
} else if (strcmp(p->key,
OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_FRAG_LEN) == 0) {
if (!OSSL_PARAM_get_uint(p, &rl->max_frag_len)) {
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,
SSL_R_FAILED_TO_GET_PARAMETER);
ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER);
goto err;
}
} else if (strcmp(p->key,
OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_EARLY_DATA) == 0) {
if (!OSSL_PARAM_get_uint32(p, &rl->max_early_data)) {
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,
SSL_R_FAILED_TO_GET_PARAMETER);
ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER);
goto err;
}
} else if (strcmp(p->key,
OSSL_LIBSSL_RECORD_LAYER_PARAM_STREAM_MAC) == 0) {
if (!OSSL_PARAM_get_int(p, &rl->stream_mac)) {
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,
SSL_R_FAILED_TO_GET_PARAMETER);
ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER);
goto err;
}
} else if (strcmp(p->key,
OSSL_LIBSSL_RECORD_LAYER_PARAM_TLSTREE) == 0) {
if (!OSSL_PARAM_get_int(p, &rl->tlstree)) {
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,
SSL_R_FAILED_TO_GET_PARAMETER);
ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER);
goto err;
}
} else {
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,
SSL_R_UNKNOWN_MANDATORY_PARAMETER);
ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_MANDATORY_PARAMETER);
goto err;
}
}
Expand Down Expand Up @@ -1153,7 +1147,7 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
}

if (!tls_set_options(rl, options)) {
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_FAILED_TO_GET_PARAMETER);
ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER);
goto err;
}

Expand Down

0 comments on commit 7b7ad9e

Please sign in to comment.