kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add more scopers.

Browse Source 
Change-Id: I68d77534a7c0e8ea89ff02fba1228d67e7a793eb
Reviewed-on: https://boringssl-review.googlesource.com/29807
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2018-07-14 13:27:25 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent bc118ee64c
commit 89b9ecf0de
2 changed files with 8 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ssl/ssl_x509.cc
View File

@ -249,11 +249,10 @@ static int ssl_crypto_x509_check_client_CA_list(
STACK_OF(CRYPTO_BUFFER) *names) { STACK_OF(CRYPTO_BUFFER) *names) {
for (const CRYPTO_BUFFER *buffer : names) { for (const CRYPTO_BUFFER *buffer : names) {
const uint8_t *inp = CRYPTO_BUFFER_data(buffer); const uint8_t *inp = CRYPTO_BUFFER_data(buffer);
X509_NAME *name = d2i_X509_NAME(NULL, &inp, CRYPTO_BUFFER_len(buffer)); UniquePtr<X509_NAME> name(
const int ok = name != NULL && inp == CRYPTO_BUFFER_data(buffer) + d2i_X509_NAME(nullptr, &inp, CRYPTO_BUFFER_len(buffer)));
CRYPTO_BUFFER_len(buffer); if (name == nullptr ||
X509_NAME_free(name); inp != CRYPTO_BUFFER_data(buffer) + CRYPTO_BUFFER_len(buffer)) {
if (!ok) {
return 0; return 0;
} }
} }

11
ssl/tls13_enc.cc
View File

@ -74,8 +74,7 @@ static int hkdf_expand_label(uint8_t *out, const EVP_MD *digest,
ScopedCBB cbb; ScopedCBB cbb;
CBB child; CBB child;
uint8_t *hkdf_label; Array<uint8_t> hkdf_label;
size_t hkdf_label_len;
if (!CBB_init(cbb.get(), 2 + 1 + strlen(kTLS13LabelVersion) + label_len + 1 + if (!CBB_init(cbb.get(), 2 + 1 + strlen(kTLS13LabelVersion) + label_len + 1 +
hash_len) || hash_len) ||
!CBB_add_u16(cbb.get(), len) || !CBB_add_u16(cbb.get(), len) ||
@ -85,14 +84,12 @@ static int hkdf_expand_label(uint8_t *out, const EVP_MD *digest,
!CBB_add_bytes(&child, (const uint8_t *)label, label_len) || !CBB_add_bytes(&child, (const uint8_t *)label, label_len) ||
!CBB_add_u8_length_prefixed(cbb.get(), &child) || !CBB_add_u8_length_prefixed(cbb.get(), &child) ||
!CBB_add_bytes(&child, hash, hash_len) || !CBB_add_bytes(&child, hash, hash_len) ||
!CBB_finish(cbb.get(), &hkdf_label, &hkdf_label_len)) { !CBBFinishArray(cbb.get(), &hkdf_label)) {
return 0; return 0;
} }
int ret = HKDF_expand(out, len, digest, secret, secret_len, hkdf_label, return HKDF_expand(out, len, digest, secret, secret_len, hkdf_label.data(),
hkdf_label_len); hkdf_label.size());
OPENSSL_free(hkdf_label);
return ret;
} }
static const char kTLS13LabelDerived[] = "derived"; static const char kTLS13LabelDerived[] = "derived";