]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7b7ad9e)
rl->enc_ctx must be non-NULL and cipher must be set
authorTomas Mraz <tomas@openssl.org>
Fri, 19 Aug 2022 10:28:42 +0000 (12:28 +0200)
committerTomas Mraz <tomas@openssl.org>
Tue, 23 Aug 2022 10:27:23 +0000 (12:27 +0200)
Otherwise ssl3_cipher() cannot work properly.

Fixes Coverity CID 1509401

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19027)

ssl/record/methods/ssl3_meth.c patch | blob | blame | history

diff --git a/ssl/record/methods/ssl3_meth.c b/ssl/record/methods/ssl3_meth.c
index 254e8cf1476fe852f18a73127dbd2f1d87b0038a..f1fd1f42031e66bbe1ac999329ff3a79075c6407 100644 (file)
--- a/ssl/record/methods/ssl3_meth.c
+++ b/ssl/record/methods/ssl3_meth.c
@@ -98,10 +98,8 @@ static int ssl3_cipher(OSSL_RECORD_LAYER *rl, SSL3_RECORD *inrecs, size_t n_recs
         return 0;
 
     ds = rl->enc_ctx;
-    if (rl->enc_ctx == NULL)
-        enc = NULL;
-    else
-        enc = EVP_CIPHER_CTX_get0_cipher(rl->enc_ctx);
+    if (ds == NULL || (enc = EVP_CIPHER_CTX_get0_cipher(ds)) == NULL)
+        return 0;
 
     provided = (EVP_CIPHER_get0_provider(enc) != NULL);
 
Mirror of https://github.com/openssl/openssl.git