Establish that the default value of an out-arg for alerts is SSL_AD_DECODE_ERROR.
We already have some cases where the default is DECODE_ERROR and, rather
than have two defaults, just harmonise on that. (INTERNAL_ERROR might
make more sense in some cases, but we don't want to have to remember
what the default is in each case and nobody really cares what the actual
value is anyway.)
Change-Id: I28007898e8d6e7415219145eb9f43ea875028ab2
Reviewed-on: https://boringssl-review.googlesource.com/13720
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/handshake_client.c b/ssl/handshake_client.c
index 23a4cff..ad0f06a 100644
--- a/ssl/handshake_client.c
+++ b/ssl/handshake_client.c
@@ -1068,7 +1068,7 @@
CBS cbs;
CBS_init(&cbs, ssl->init_msg, ssl->init_num);
- uint8_t alert;
+ uint8_t alert = SSL_AD_DECODE_ERROR;
sk_CRYPTO_BUFFER_pop_free(ssl->s3->new_session->certs, CRYPTO_BUFFER_free);
EVP_PKEY_free(hs->peer_pubkey);
hs->peer_pubkey = NULL;
@@ -1439,7 +1439,7 @@
}
}
- uint8_t alert;
+ uint8_t alert = SSL_AD_DECODE_ERROR;
STACK_OF(X509_NAME) *ca_sk = ssl_parse_client_CA_list(ssl, &alert, &cbs);
if (ca_sk == NULL) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
@@ -1619,7 +1619,7 @@
}
/* Compute the premaster. */
- uint8_t alert;
+ uint8_t alert = SSL_AD_DECODE_ERROR;
if (!SSL_ECDH_CTX_accept(&hs->ecdh_ctx, &child, &pms, &pms_len, &alert,
hs->peer_key, hs->peer_key_len)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);