commit be873e9f48b2a07269300282b69bb17d496c69ee
author Adam Langley <agl@google.com> Wed Feb 08 08:51:25 2017 -0800
committer David Benjamin <davidben@google.com> Tue Feb 14 14:49:06 2017 -0500
tree a397989df03092c3d259198cb9f7a0bdb1137583
parent b8684f0276f88d19a14149ae61f3f05d26c5b322

Set output alert when failing to parse public key.

Previously, the alert was uninitialised.

(Thanks to Robert Swiecki and honggfuzz.)

Change-Id: I2d4eb96b0126f3eb502672b2600ad43ae140acec
Reviewed-on: https://boringssl-review.googlesource.com/13700
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
(cherry picked from commit 7dccc71e08105b100c3acd56fa5f6fc1ba9b71d3)

ssl/ssl_cert.c

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 397fbf0..8dd106c 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -496,6 +496,7 @@
     if (sk_CRYPTO_BUFFER_num(ret) == 0) {
       *out_pubkey = ssl_cert_parse_pubkey(&certificate);
       if (*out_pubkey == NULL) {
+        *out_alert = SSL_AD_DECODE_ERROR;
         goto err;
       }