diff options
author | Richard Levitte <levitte@openssl.org> | 2018-09-12 02:31:10 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2018-10-29 14:20:37 +0100 |
commit | 60690b5b8396d7d5234cd067206190fb8aca78d2 (patch) | |
tree | d4a40d95326c63f51afea13fda02330e455366fc /ssl | |
parent | cc3a2e4f51679d99507a979f9a920f6068473aa2 (diff) | |
download | openssl-60690b5b8396d7d5234cd067206190fb8aca78d2.zip openssl-60690b5b8396d7d5234cd067206190fb8aca78d2.tar.gz openssl-60690b5b8396d7d5234cd067206190fb8aca78d2.tar.bz2 |
ssl/statem: Don't compare size_t with less than zero
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7194)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/extensions.c | 6 | ||||
-rw-r--r-- | ssl/statem/statem_lib.c | 5 |
2 files changed, 7 insertions, 4 deletions
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 8422161..8d4939d 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -1530,10 +1530,12 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart, */ if (s->hello_retry_request == SSL_HRR_PENDING) { size_t hdatalen; + long hdatalen_l; void *hdata; - hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata); - if (hdatalen <= 0) { + hdatalen = hdatalen_l = + BIO_get_mem_data(s->s3->handshake_buffer, &hdata); + if (hdatalen_l <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PSK_DO_BINDER, SSL_R_BAD_HANDSHAKE_LENGTH); goto err; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 508bb88..e6e61f7 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -203,9 +203,10 @@ static int get_cert_verify_tbs_data(SSL *s, unsigned char *tls13tbs, *hdatalen = TLS13_TBS_PREAMBLE_SIZE + hashlen; } else { size_t retlen; + long retlen_l; - retlen = BIO_get_mem_data(s->s3->handshake_buffer, hdata); - if (retlen <= 0) { + retlen = retlen_l = BIO_get_mem_data(s->s3->handshake_buffer, hdata); + if (retlen_l <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_GET_CERT_VERIFY_TBS_DATA, ERR_R_INTERNAL_ERROR); return 0; |