From d13dd4beb4674689c7a46450dbb8bae9af24d510 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 22 Oct 2015 14:34:33 +0100 Subject: [PATCH] Fix uninitialised variable Fix another instance of |al| being unitialised in certain error scenarios. Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte --- ssl/statem/statem_srvr.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 8abedc0be6..a5c38622c3 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1518,7 +1518,7 @@ enum MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) enum WORK_STATE tls_post_process_client_hello(SSL *s, enum WORK_STATE wst) { - int al; + int al = SSL_AD_HANDSHAKE_FAILURE; SSL_CIPHER *cipher; if (wst == WORK_MORE_A) { @@ -1540,7 +1540,6 @@ enum WORK_STATE tls_post_process_client_hello(SSL *s, enum WORK_STATE wst) cipher = ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); if (cipher == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER); goto f_err; } @@ -1558,8 +1557,10 @@ enum WORK_STATE tls_post_process_client_hello(SSL *s, enum WORK_STATE wst) } if (!SSL_USE_SIGALGS(s) || !(s->verify_mode & SSL_VERIFY_PEER)) { - if (!ssl3_digest_cached_records(s, 0)) + if (!ssl3_digest_cached_records(s, 0)) { + al = SSL_AD_INTERNAL_ERROR; goto f_err; + } } /*- @@ -1577,7 +1578,8 @@ enum WORK_STATE tls_post_process_client_hello(SSL *s, enum WORK_STATE wst) /* Handles TLS extensions that we couldn't check earlier */ if (s->version >= SSL3_VERSION) { if (ssl_check_clienthello_tlsext_late(s) <= 0) { - SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); + SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, + SSL_R_CLIENTHELLO_TLSEXT); goto f_err; } } -- 2.25.1