Fix a possible recursion in SSLfatal handling

author Bernd Edlinger <bernd.edlinger@hotmail.de>

Tue, 11 Sep 2018 09:44:13 +0000 (11:44 +0200)

committer Bernd Edlinger <bernd.edlinger@hotmail.de>

Wed, 12 Sep 2018 12:43:13 +0000 (14:43 +0200)
author Bernd Edlinger <bernd.edlinger@hotmail.de>
Tue, 11 Sep 2018 09:44:13 +0000 (11:44 +0200)
committer Bernd Edlinger <bernd.edlinger@hotmail.de>
Wed, 12 Sep 2018 12:43:13 +0000 (14:43 +0200)
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c

index d75f9ea036086478e06d0dbff0ebf8850b08c344..f76c0e48034b8fca23d7493722fe46d84178cce4 100644 (file)
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -118,11 +118,12 @@ void ossl_statem_set_renegotiate(SSL *s)
  void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file,
                         int line)
  {
+    ERR_put_error(ERR_LIB_SSL, func, reason, file, line);
      /* We shouldn't call SSLfatal() twice. Once is enough */
-    assert(s->statem.state != MSG_FLOW_ERROR);
+    if (s->statem.in_init && s->statem.state == MSG_FLOW_ERROR)
+      return;
      s->statem.in_init = 1;
      s->statem.state = MSG_FLOW_ERROR;
-    ERR_put_error(ERR_LIB_SSL, func, reason, file, line);
      if (al != SSL_AD_NO_ALERT
              && s->statem.enc_write_state != ENC_WRITE_STATE_INVALID)
          ssl3_send_alert(s, SSL3_AL_FATAL, al);
author	Bernd Edlinger <bernd.edlinger@hotmail.de>
	Tue, 11 Sep 2018 09:44:13 +0000 (11:44 +0200)
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>
	Wed, 12 Sep 2018 12:43:13 +0000 (14:43 +0200)