Fix a bug in bssl::OpenRecord.
Checking the record type returned by the |tls_open_record| call only
makes sense if that call was successful.
Change-Id: Ib4bebd2b1198c7def513d9fba3653524c17a6e68
Reviewed-on: https://boringssl-review.googlesource.com/18884
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/tls_record.cc b/ssl/tls_record.cc
index 745ddb8..f8bb521 100644
--- a/ssl/tls_record.cc
+++ b/ssl/tls_record.cc
@@ -596,44 +596,33 @@
return OpenRecordResult::kError;
}
- *out = Span<uint8_t>();
- *out_record_len = 0;
-
CBS plaintext;
uint8_t type;
- size_t record_len;
const ssl_open_record_t result = tls_open_record(
- ssl, &type, &plaintext, &record_len, out_alert, in.data(), in.size());
- if (type != SSL3_RT_APPLICATION_DATA && type != SSL3_RT_ALERT) {
- *out_alert = SSL_AD_UNEXPECTED_MESSAGE;
- return OpenRecordResult::kError;
- }
+ ssl, &type, &plaintext, out_record_len, out_alert, in.data(), in.size());
- OpenRecordResult ret = OpenRecordResult::kError;
switch (result) {
case ssl_open_record_success:
- ret = OpenRecordResult::kOK;
- break;
+ if (type != SSL3_RT_APPLICATION_DATA && type != SSL3_RT_ALERT) {
+ *out_alert = SSL_AD_UNEXPECTED_MESSAGE;
+ return OpenRecordResult::kError;
+ }
+ *out = MakeSpan(
+ const_cast<uint8_t*>(CBS_data(&plaintext)), CBS_len(&plaintext));
+ return OpenRecordResult::kOK;
case ssl_open_record_discard:
- ret = OpenRecordResult::kDiscard;
- break;
+ return OpenRecordResult::kDiscard;
case ssl_open_record_partial:
- ret = OpenRecordResult::kIncompleteRecord;
- break;
+ return OpenRecordResult::kIncompleteRecord;
case ssl_open_record_close_notify:
- ret = OpenRecordResult::kAlertCloseNotify;
- break;
+ return OpenRecordResult::kAlertCloseNotify;
case ssl_open_record_fatal_alert:
- ret = OpenRecordResult::kAlertFatal;
- break;
+ return OpenRecordResult::kAlertFatal;
case ssl_open_record_error:
- ret = OpenRecordResult::kError;
- break;
+ return OpenRecordResult::kError;
}
- *out =
- MakeSpan(const_cast<uint8_t*>(CBS_data(&plaintext)), CBS_len(&plaintext));
- *out_record_len = record_len;
- return ret;
+ assert(false);
+ return OpenRecordResult::kError;
}
size_t SealRecordPrefixLen(const SSL *ssl, const size_t record_len) {
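Review bot: Every return other than kOK now leaves `*out` exactly as the caller passed it, because the up-front `*out = Span<uint8_t>();` was removed and `*out` is assigned only inside the `ssl_open_record_success` case. A caller that reads the span without first checking the result would then see a stale or uninitialized view instead of an empty one, so I would keep `*out = Span<uint8_t>();` ahead of the `tls_open_record` call, or state in the function's doc comment that `*out` is defined only on kOK. Likewise `out_record_len` is now written directly by `tls_open_record`, so the unexpected-type path returns kError with `*out_record_len` already set (presumably to the consumed record length); what that value means on kDiscard, kIncompleteRecord and kError deserves a sentence in the comment. The trailing `assert(false); return OpenRecordResult::kError;` still fails closed when asserts are compiled out, which is the right default for an unhandled result. OpenRecord's signature and its early checks lie outside the hunk, so this is based on the visible body only.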