From 7b7ad9e578470fe2b20db230638cfc20e3acf252 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Fri, 19 Aug 2022 12:19:55 +0200 Subject: [PATCH] Do not use RLAYERfatal on NULL RLAYER or on record layer that is to be freed anyway. Fixes Coverity CID 1509402, 1509403 Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19027) --- ssl/record/methods/dtls_meth.c | 2 +- ssl/record/methods/tls_common.c | 22 ++++++++-------------- 2 files changed, 9 insertions(+), 15 deletions(-) diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c index 0964dfe98dc..c462dd13b71 100644 --- a/ssl/record/methods/dtls_meth.c +++ b/ssl/record/methods/dtls_meth.c @@ -651,7 +651,7 @@ dtls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, || (*retrl)->processed_rcds.q == NULL) { dtls_free(*retrl); *retrl = NULL; - RLAYERfatal(*retrl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return OSSL_RECORD_RETURN_FATAL; } diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index c32d1e37bd3..35d7d0dcf80 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -1059,7 +1059,7 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, *retrl = NULL; if (rl == NULL) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return OSSL_RECORD_RETURN_FATAL; } @@ -1068,41 +1068,35 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, for (p = settings; p->key != NULL; p++) { if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_USE_ETM) == 0) { if (!OSSL_PARAM_get_int(p, &rl->use_etm)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } } else if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_FRAG_LEN) == 0) { if (!OSSL_PARAM_get_uint(p, &rl->max_frag_len)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } } else if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_EARLY_DATA) == 0) { if (!OSSL_PARAM_get_uint32(p, &rl->max_early_data)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } } else if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_STREAM_MAC) == 0) { if (!OSSL_PARAM_get_int(p, &rl->stream_mac)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } } else if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_TLSTREE) == 0) { if (!OSSL_PARAM_get_int(p, &rl->tlstree)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } } else { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, - SSL_R_UNKNOWN_MANDATORY_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_MANDATORY_PARAMETER); goto err; } } @@ -1153,7 +1147,7 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, } if (!tls_set_options(rl, options)) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_FAILED_TO_GET_PARAMETER); + ERR_raise(ERR_LIB_SSL, SSL_R_FAILED_TO_GET_PARAMETER); goto err; } -- 2.47.2