Incorrect Error Check of SSL_connect() in dma/crypto.c

corecode / dma

The DragonFly Mail Agent, a small Mail Transport Agent (MTA), designed for home and office use.

Other

231 stars 50 forks source link

Incorrect Error Check of SSL_connect() in dma/crypto.c #59

Closed lc3412 closed 6 years ago

lc3412 commented 6 years ago

Hi, Function SSL_connect() returns the value of 0 and less than 0 are both on error. However , the return value of function SSL_connect() in dma/crypto.c is not checked correctly, which forgot to check the return value 0. See the following code:

screenshot from 2018-09-13 19-58-13

Chi Li, Zuxing Gu, Jiecheng Wu

lc3412 commented 6 years ago

Hi, Function SSL_connect() returns the value of 0 and less than 0 are both on error. However , the return value of function SSL_connect() in dma/crypto.c is not checked correctly, which forgot to check the return value 0. See the following code:

We find the return value of this call been checked in openssl project with the version of openssl 1.1.2. Such as in openssl/apps folder

apps/s_time.c ref: https://github.com/openssl/openssl/blob/master/apps/s_time.c screenshot from 2018-09-13 23-15-19

Chi Li, Zuxing Gu, Jiecheng Wu

corecode commented 6 years ago

why did you close this?

corecode commented 6 years ago

Fixed in 41141e0073846b0e3cdde6de335313abeb19c4b4