From: Matt Caswell <matt@openssl.org>
Date: Tue, 10 Jan 2017 11:30:57 +0000 (+0000)
Subject: Fix an uninit read picked up by Travis
X-Git-Tag: OpenSSL_1_1_1-pre1~2697
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=0cc092f8a3bcfd437de76f88b3e4a8c5eca136cc;p=oweals%2Fopenssl.git

Fix an uninit read picked up by Travis

The siglen value needs to be initialised prior to it being read in the
call to EVP_DigestSignFinal later in this function.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
---

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 0573af121b..e2d0836b5a 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2240,8 +2240,8 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
              * up front, and then properly allocate them in the WPACKET
              * afterwards.
              */
-            if (!WPACKET_sub_reserve_bytes_u16(pkt, EVP_PKEY_size(pkey),
-                                               &sigbytes1)
+            siglen = EVP_PKEY_size(pkey);
+            if (!WPACKET_sub_reserve_bytes_u16(pkt, siglen, &sigbytes1)
                     || EVP_DigestSignInit(md_ctx, &pctx, md, NULL, pkey) <= 0) {
                 SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE,
                        ERR_R_INTERNAL_ERROR);