From: teor (Tim Wilson-Brown) <teor2345@gmail.com>
Date: Mon, 23 Nov 2015 09:53:59 +0000 (+1100)
Subject: Check the return value of HMAC in crypto.c and assert on error
X-Git-Tag: tor-0.2.8.1-alpha~210^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b1b8f7982ebac1347a86d5eb9eee8e5f3bd3d39c;p=thirdparty%2Ftor.git

Check the return value of HMAC in crypto.c and assert on error

Fixes bug #17658; bugfix on commit in fdbb9cdf746b (11 Oct 2011)
in tor version 0.2.3.5-alpha-dev.
---

diff --git a/changes/check-crypto-errors b/changes/check-crypto-errors
new file mode 100644
index 0000000000..e41862ca13
--- /dev/null
+++ b/changes/check-crypto-errors
@@ -0,0 +1,5 @@
+  o Minor bugfix (crypto):
+    - Check the return value of HMAC and assert on failure.
+      Fixes bug #17658; bugfix on commit in fdbb9cdf746b (11 Oct 2011)
+      in tor version 0.2.3.5-alpha-dev.
+      Patch by "teor".
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 913d1c26c9..86357b0a43 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1906,11 +1906,14 @@ crypto_hmac_sha256(char *hmac_out,
                    const char *key, size_t key_len,
                    const char *msg, size_t msg_len)
 {
+  unsigned char *rv = NULL;
   /* If we've got OpenSSL >=0.9.8 we can use its hmac implementation. */
   tor_assert(key_len < INT_MAX);
   tor_assert(msg_len < INT_MAX);
-  HMAC(EVP_sha256(), key, (int)key_len, (unsigned char*)msg, (int)msg_len,
-       (unsigned char*)hmac_out, NULL);
+  tor_assert(hmac_out);
+  rv = HMAC(EVP_sha256(), key, (int)key_len, (unsigned char*)msg, (int)msg_len,
+            (unsigned char*)hmac_out, NULL);
+  tor_assert(rv);
 }
 
 /* DH */