Clear the error queue in fuzzer-mode Channel ID hooks. Otherwise it leaves something on the error queue and confuses SSL_get_error, should the handshake state machine fail immediately afterwards because of a BIO-level error. Change-Id: I2c7b5e31368b9c5b2efa324166f52972430d6074 Reviewed-on: https://boringssl-review.googlesource.com/24247 Reviewed-by: Steven Valdez <svaldez@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: d90b8033d724bbefd5bec1cd0e05ebdd3f056bcb [log] [tgz]
author: David Benjamin <davidben@google.com> Mon Dec 18 16:47:51 2017 -0500
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Mon Dec 18 21:56:32 2017 +0000
tree: 3cb000d412c7985fb16e95e06c5ad94554317fd1
parent: 287ac180eef9085289d182758dfa00ff6b479255 [diff]
diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index 5a91b7a..34ad410 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc

@@ -3264,6 +3264,7 @@
   int sig_ok = ECDSA_do_verify(digest, digest_len, sig.get(), key.get());
 #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
   sig_ok = 1;
+  ERR_clear_error();
 #endif
   if (!sig_ok) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID);
commit	d90b8033d724bbefd5bec1cd0e05ebdd3f056bcb	[log] [tgz]
author	David Benjamin <davidben@google.com>	Mon Dec 18 16:47:51 2017 -0500
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Mon Dec 18 21:56:32 2017 +0000
tree	3cb000d412c7985fb16e95e06c5ad94554317fd1
parent	287ac180eef9085289d182758dfa00ff6b479255 [diff]