diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index d30c36ea5..6ec4171a8 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -145,7 +145,7 @@ void dtls_srtp_key_derivation( void *p_expkey, int ssl_check_record( mbedtls_ssl_context const *ssl, unsigned char const *buf, size_t len ) { - int ret; + int my_ret = 0, ret_cr1, ret_cr2; unsigned char *tmp_buf; /* Record checking may modify the input buffer, @@ -155,22 +155,21 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); memcpy( tmp_buf, buf, len ); - ret = mbedtls_ssl_check_record( ssl, tmp_buf, len ); - if( ret != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ) + ret_cr1 = mbedtls_ssl_check_record( ssl, tmp_buf, len ); + if( ret_cr1 != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ) { - int ret_repeated; - /* Test-only: Make sure that mbedtls_ssl_check_record() * doesn't alter state. */ memcpy( tmp_buf, buf, len ); /* Restore buffer */ - ret_repeated = mbedtls_ssl_check_record( ssl, tmp_buf, len ); - if( ret != ret_repeated ) + ret_cr2 = mbedtls_ssl_check_record( ssl, tmp_buf, len ); + if( ret_cr2 != ret_cr1 ) { mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" ); - return( -1 ); + my_ret = -1; + goto cleanup; } - switch( ret ) + switch( ret_cr1 ) { case 0: break; @@ -191,16 +190,18 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, break; default: - mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret ); - return( -1 ); + mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret_cr1 ); + my_ret = -1; + goto cleanup; } /* Regardless of the outcome, forward the record to the stack. */ } +cleanup: mbedtls_free( tmp_buf ); - return( 0 ); + return( my_ret ); } int recv_cb( void *ctx, unsigned char *buf, size_t len )