WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Update call to DoAlert() 

When handling the alerts, the return code wasn't checked for error codes. A corrupted alert message could cause a control flow issue.
pull/1/head
John Safranek 2013-06-14 12:49:56 +03:00
parent 42a0f3500f
commit 17ab84eb07
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/internal.c
View File

@ -4724,9 +4724,12 @@ int ProcessReply(CYASSL* ssl)
case alert: case alert:
CYASSL_MSG("got ALERT!"); CYASSL_MSG("got ALERT!");
if (DoAlert(ssl, ssl->buffers.inputBuffer.buffer, ret = DoAlert(ssl, ssl->buffers.inputBuffer.buffer,
&ssl->buffers.inputBuffer.idx, &type) == alert_fatal) &ssl->buffers.inputBuffer.idx, &type);
if (ret == alert_fatal)
return FATAL_ERROR; return FATAL_ERROR;
else if (ret < 0)
return ret;
/* catch warnings that are handled as errors */ /* catch warnings that are handled as errors */
if (type == close_notify) if (type == close_notify)