1 files changed, 22 insertions, 19 deletions

diff --git a/extra/yassl/src/yassl_imp.cpp b/extra/yassl/src/yassl_imp.cpp
index d981605d35a..6d2549749f2 100644
--- a/extra/yassl/src/yassl_imp.cpp
+++ b/extra/yassl/src/yassl_imp.cpp
@@ -117,7 +117,7 @@ void ClientDiffieHellmanPublic::build(SSL& ssl)
     if (*dhClient.get_agreedKey() == 0) 
         ssl.set_preMaster(dhClient.get_agreedKey() + 1, keyLength - 1);
     else
-    ssl.set_preMaster(dhClient.get_agreedKey(), keyLength);
+        ssl.set_preMaster(dhClient.get_agreedKey(), keyLength);
 }
 
 
@@ -135,8 +135,7 @@ void DH_Server::build(SSL& ssl)
     mySTL::auto_ptr<Auth> auth;
     const CertManager& cert = ssl.getCrypto().get_certManager();
     
-    if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo)
-    {
+    if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) {
         if (cert.get_keyType() != rsa_sa_algo) {
             ssl.SetError(privateKey_error);
             return;
@@ -925,8 +924,6 @@ Data::Data(uint16 len, opaque* b)
 
 void Data::SetData(uint16 len, const opaque* buffer)
 {
-    assert(write_buffer_ == 0);
-
     length_ = len;
     write_buffer_ = buffer;
 }
@@ -992,6 +989,11 @@ void Data::Process(input_buffer& input, SSL& ssl)
     int dataSz = msgSz - ivExtra - digestSz - pad - padSz;
     opaque verify[SHA_LEN];
 
+    if (dataSz < 0) {
+        ssl.SetError(bad_input);
+        return;
+    }
+
     const byte* rawData = input.get_buffer() + input.get_current();
 
     // read data
@@ -1006,10 +1008,10 @@ void Data::Process(input_buffer& input, SSL& ssl)
                                             tmp.get_buffer(), tmp.get_size()));
         }
         else {
-        input_buffer* data;
-        ssl.addData(data = NEW_YS input_buffer(dataSz));
-        input.read(data->get_buffer(), dataSz);
-        data->add_size(dataSz);
+            input_buffer* data;
+            ssl.addData(data = NEW_YS input_buffer(dataSz));
+            input.read(data->get_buffer(), dataSz);
+            data->add_size(dataSz);
         }
 
         if (ssl.isTLS())
@@ -1294,12 +1296,11 @@ void ServerHello::Process(input_buffer&, SSL& ssl)
     ssl.set_pending(cipher_suite_[1]);
     ssl.set_random(random_, server_end);
     if (id_len_)
-    ssl.set_sessionID(session_id_);
+        ssl.set_sessionID(session_id_);
     else
         ssl.useSecurity().use_connection().sessionID_Set_ = false;
 
-    if (ssl.getSecurity().get_resuming())
-    {
+    if (ssl.getSecurity().get_resuming()) {
         if (memcmp(session_id_, ssl.getSecurity().get_resume().GetID(),
                    ID_LEN) == 0) {
             ssl.set_masterSecret(ssl.getSecurity().get_resume().GetSecret());
@@ -1423,7 +1424,7 @@ input_buffer& operator>>(input_buffer& input, ClientHello& hello)
     if (hello.id_len_) input.read(hello.session_id_, ID_LEN);
     
     // Suites
-    byte tmp[2];
+    byte   tmp[2];
     uint16 len;
     tmp[0] = input[AUTO];
     tmp[1] = input[AUTO];
@@ -1431,8 +1432,8 @@ input_buffer& operator>>(input_buffer& input, ClientHello& hello)
 
     hello.suite_len_ = min(len, static_cast<uint16>(MAX_SUITE_SZ));
     input.read(hello.cipher_suites_, hello.suite_len_);
-    if (len > hello.suite_len_) // ignore extra suites
-        input.set_current(input.get_current() + len -  hello.suite_len_);
+    if (len > hello.suite_len_)  // ignore extra suites
+        input.set_current(input.get_current() + len - hello.suite_len_);
 
     // Compression
     hello.comp_len_ = input[AUTO];
@@ -1496,8 +1497,9 @@ void ClientHello::Process(input_buffer&, SSL& ssl)
     if (ssl.GetMultiProtocol()) {   // SSLv23 support
         if (ssl.isTLS() && client_version_.minor_ < 1) {
             // downgrade to SSLv3
-        ssl.useSecurity().use_connection().TurnOffTLS();
-        ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
+            ssl.useSecurity().use_connection().TurnOffTLS();
+            
+            ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
             bool removeDH  = ssl.getSecurity().get_parms().removeDH_;
             bool removeRSA = false;
             bool removeDSA = false;
@@ -1511,7 +1513,7 @@ void ClientHello::Process(input_buffer&, SSL& ssl)
             // reset w/ SSL suites
             ssl.useSecurity().use_parms().SetSuites(pv, removeDH, removeRSA,
                                                     removeDSA);
-    }
+        }
         else if (ssl.isTLSv1_1() && client_version_.minor_ == 1)
             // downgrade to TLSv1, but use same suites
             ssl.useSecurity().use_connection().TurnOffTLS1_1();
@@ -1542,6 +1544,7 @@ void ClientHello::Process(input_buffer&, SSL& ssl)
         ssl.set_session(session);
         ssl.useSecurity().set_resuming(true);
         ssl.matchSuite(session->GetSuite(), SUITE_LEN);
+        if (ssl.GetError()) return;
         ssl.set_pending(ssl.getSecurity().get_parms().suite_[1]);
         ssl.set_masterSecret(session->GetSecret());
 
@@ -2038,7 +2041,7 @@ void Finished::Process(input_buffer& input, SSL& ssl)
     // verify hashes
     const  Finished& verify = ssl.getHashes().get_verify();
     uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ;
-
+    
     input.read(hashes_.md5_, finishedSz);
 
     if (memcmp(&hashes_, &verify.hashes_, finishedSz)) {