From: Tomas Mraz Date: Fri, 19 Aug 2022 10:19:55 +0000 (+0200) Subject: Do not use RLAYERfatal on NULL RLAYER X-Git-Tag: openssl-3.2.0-alpha1~2173 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7b7ad9e578470fe2b20db230638cfc20e3acf252;p=thirdparty%2Fopenssl.git Do not use RLAYERfatal on NULL RLAYER or on record layer that is to be freed anyway. Fixes Coverity CID 1509402, 1509403 Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19027) --- diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c index 0964dfe98dc..c462dd13b71 100644 --- a/ssl/record/methods/dtls_meth.c +++ b/ssl/record/methods/dtls_meth.c @@ -651,7 +651,7 @@ dtls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, || (*retrl)->processed_rcds.q == NULL) { dtls_free(*retrl); *retrl = NULL; - RLAYERfatal(*retrl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return OSSL_RECORD_RETURN_FATAL; } diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index c32d1e37bd3..35d7d0dcf80 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -1059,7 +1059,7 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, *retrl = NULL; if (rl == NULL) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return OSSL_RECORD_RETURN_FATAL; } @@ -1068,41 +1068,35 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, for (p = settings; p->key != NULL; p++) { if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_USE_ETM) == 0) { if (!OSSL_PARAM_get_int(p, &rl->use_etm)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } } else if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_FRAG_LEN) == 0) { if (!OSSL_PARAM_get_uint(p, &rl->max_frag_len)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } } else if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_EARLY_DATA) == 0) { if (!OSSL_PARAM_get_uint32(p, &rl->max_early_data)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } } else if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_STREAM_MAC) == 0) { if (!OSSL_PARAM_get_int(p, &rl->stream_mac)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } } else if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_TLSTREE) == 0) { if (!OSSL_PARAM_get_int(p, &rl->tlstree)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } } else { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_UNKNOWN_MANDATORY_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_MANDATORY_PARAMETER); goto err; } } @@ -1153,7 +1147,7 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, } if (!tls_set_options(rl, options)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; }