ensure that the EVP_CIPHER_CTX object is initialized PR: 1490
diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c index 18882bf..1f62acd 100644 --- a/ssl/s2_enc.c +++ b/ssl/s2_enc.c
@@ -82,15 +82,18 @@ ((s->enc_read_ctx=(EVP_CIPHER_CTX *) OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) goto err; + + /* make sure it's intialized in case the malloc for enc_write_ctx fails + * and we exit with an error */ + rs= s->enc_read_ctx; + EVP_CIPHER_CTX_init(rs); + if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx=(EVP_CIPHER_CTX *) OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) goto err; - rs= s->enc_read_ctx; ws= s->enc_write_ctx; - - EVP_CIPHER_CTX_init(rs); EVP_CIPHER_CTX_init(ws); num=c->key_len;
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index b4c6f0f..1690663 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c
@@ -247,6 +247,9 @@ reuse_dd = 1; else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL) goto err; + else + /* make sure it's intialized in case we exit later with an error */ + EVP_CIPHER_CTX_init(s->enc_read_ctx); dd= s->enc_read_ctx; s->read_hash=m; #ifndef OPENSSL_NO_COMP @@ -280,6 +283,9 @@ reuse_dd = 1; else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL) goto err; + else + /* make sure it's intialized in case we exit later with an error */ + EVP_CIPHER_CTX_init(s->enc_write_ctx); dd= s->enc_write_ctx; s->write_hash=m; #ifndef OPENSSL_NO_COMP @@ -305,7 +311,6 @@ if (reuse_dd) EVP_CIPHER_CTX_cleanup(dd); - EVP_CIPHER_CTX_init(dd); p=s->s3->tmp.key_block; i=EVP_MD_size(m);
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 4baea2d..29892e6 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c
@@ -293,6 +293,9 @@ reuse_dd = 1; else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL) goto err; + else + /* make sure it's intialized in case we exit later with an error */ + EVP_CIPHER_CTX_init(s->enc_read_ctx); dd= s->enc_read_ctx; s->read_hash=m; #ifndef OPENSSL_NO_COMP @@ -327,10 +330,9 @@ reuse_dd = 1; else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL) goto err; - if ((s->enc_write_ctx == NULL) && - ((s->enc_write_ctx=(EVP_CIPHER_CTX *) - OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) - goto err; + else + /* make sure it's intialized in case we exit later with an error */ + EVP_CIPHER_CTX_init(s->enc_write_ctx); dd= s->enc_write_ctx; s->write_hash=m; #ifndef OPENSSL_NO_COMP @@ -357,7 +359,6 @@ if (reuse_dd) EVP_CIPHER_CTX_cleanup(dd); - EVP_CIPHER_CTX_init(dd); p=s->s3->tmp.key_block; i=EVP_MD_size(m);