]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
handshake: Prevent memory leak on invalid SSLv2 hello length.
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 2 Jun 2014 13:01:45 +0000 (15:01 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 3 Jun 2014 09:53:50 +0000 (11:53 +0200)
lib/gnutls_v2_compat.c

index e68cce3d05e6db1452cc7d650f852d7ea3611518..4d5024a59938557d8571a54598c907cc90c557a2 100644 (file)
@@ -54,15 +54,15 @@ _gnutls_handshake_select_v2_suite(gnutls_session_t session,
        _gnutls_handshake_log
            ("HSK[%p]: Parsing a version 2.0 client hello.\n", session);
 
-       _data = gnutls_malloc(datalen);
-       if (_data == NULL) {
+       if (datalen % 3 != 0) {
                gnutls_assert();
-               return GNUTLS_E_MEMORY_ERROR;
+               return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
        }
 
-       if (datalen % 3 != 0) {
+       _data = gnutls_malloc(datalen);
+       if (_data == NULL) {
                gnutls_assert();
-               return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+               return GNUTLS_E_MEMORY_ERROR;
        }
 
        i = _datalen = 0;