OpenCoverage

rec_layer_s3.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssl/src/ssl/record/rec_layer_s3.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* -

3 * -

4 * Licensed under the OpenSSL license (the "License"). You may not use -

5 * this file except in compliance with the License. You can obtain a copy -

6 * in the file LICENSE in the source distribution or at -

7 * https://www.openssl.org/source/license.html -

8 */ -

9 -

10 #include <stdio.h> -

11 #include <limits.h> -

12 #include <errno.h> -

13 #include "../ssl_locl.h" -

14 #include <openssl/evp.h> -

15 #include <openssl/buffer.h> -

16 #include <openssl/rand.h> -

17 #include "record_locl.h" -

18 #include "../packet_locl.h" -

19 -

20 #if defined(OPENSSL_SMALL_FOOTPRINT) || \ -

21 !( defined(AES_ASM) && ( \ -

22 defined(__x86_64) || defined(__x86_64__) || \ -

23 defined(_M_AMD64) || defined(_M_X64) ) \ -

24 ) -

25 # undef EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK -

26 # define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0 -

27 #endif -

28 -

29 void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s) -

30 { -

31 rl->s = s; -

32 RECORD_LAYER_set_first_record(&s->rlayer); -

33 SSL3_RECORD_clear(rl->rrec, SSL_MAX_PIPELINES); -

}

executed 8254 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

8254

35 -

36 void RECORD_LAYER_clear(RECORD_LAYER *rl) -

37 { -

38 rl->rstate = SSL_ST_READ_HEADER; -

39 -

40 /* -

41 * Do I need to clear read_ahead? As far as I can tell read_ahead did not -

42 * previously get reset by SSL_clear...so I'll keep it that way..but is -

43 * that right? -

44 */ -

45 -

46 rl->packet = NULL; -

47 rl->packet_length = 0; -

48 rl->wnum = 0; -

49 memset(rl->handshake_fragment, 0, sizeof(rl->handshake_fragment)); -

50 rl->handshake_fragment_len = 0; -

51 rl->wpend_tot = 0; -

52 rl->wpend_type = 0; -

53 rl->wpend_ret = 0; -

54 rl->wpend_buf = NULL; -

55 -

56 SSL3_BUFFER_clear(&rl->rbuf); -

57 ssl3_release_write_buffer(rl->s); -

58 rl->numrpipes = 0; -

59 SSL3_RECORD_clear(rl->rrec, SSL_MAX_PIPELINES); -

60 -

61 RECORD_LAYER_reset_read_sequence(rl); -

62 RECORD_LAYER_reset_write_sequence(rl); -

63 -

if (rl->d)

rl->d	Description
TRUE	evaluated 745 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 15524 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

745-15524

DTLS_RECORD_LAYER_clear(rl);

executed 745 times by 1 test: DTLS_RECORD_LAYER_clear(rl);

Executed by:

libssl.so.1.1

745

}

executed 16269 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

16269

67 -

68 void RECORD_LAYER_release(RECORD_LAYER *rl) -

69 { -

if (SSL3_BUFFER_is_initialised(&rl->rbuf))

((&rl->rbuf)->... ((void *)0) )	Description
TRUE	evaluated 7966 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 330 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

330-7966

ssl3_release_read_buffer(rl->s);

executed 7966 times by 1 test: ssl3_release_read_buffer(rl->s);

Executed by:

libssl.so.1.1

7966

if (rl->numwpipes > 0)

rl->numwpipes > 0	Description
TRUE	evaluated 7969 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 327 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

327-7969

ssl3_release_write_buffer(rl->s);

executed 7969 times by 1 test: ssl3_release_write_buffer(rl->s);

Executed by:

libssl.so.1.1

7969

74 SSL3_RECORD_release(rl->rrec, SSL_MAX_PIPELINES); -

}

executed 8296 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

8296

76 -

77 /* Checks if we have unprocessed read ahead data pending */ -

78 int RECORD_LAYER_read_pending(const RECORD_LAYER *rl) -

79 { -

return SSL3_BUFFER_get_left(&rl->rbuf) != 0;

executed 643 times by 1 test: return ((&rl->rbuf)->left) != 0;

Executed by:

libssl.so.1.1

643

81 } -

82 -

83 /* Checks if we have decrypted unread record data pending */ -

84 int RECORD_LAYER_processed_read_pending(const RECORD_LAYER *rl) -

85 { -

86 size_t curr_rec = 0, num_recs = RECORD_LAYER_get_numrpipes(rl); -

87 const SSL3_RECORD *rr = rl->rrec; -

88 -

while (curr_rec < num_recs && SSL3_RECORD_is_read(&rr[curr_rec]))

curr_rec < num_recs	Description
TRUE	evaluated 3339 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3526 times by 1 test Evaluated by: libssl.so.1.1

((&rr[curr_rec])->read)	Description
TRUE	evaluated 3333 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

6-3526

curr_rec++;

executed 3333 times by 1 test: curr_rec++;

Executed by:

libssl.so.1.1

3333

91 -

return curr_rec < num_recs;

executed 3532 times by 1 test: return curr_rec < num_recs;

Executed by:

libssl.so.1.1

3532

93 } -

94 -

95 int RECORD_LAYER_write_pending(const RECORD_LAYER *rl) -

96 { -

return (rl->numwpipes > 0)

executed 47502 times by 1 test: return (rl->numwpipes > 0) && ((&rl->wbuf[rl->numwpipes - 1])->left) != 0;

Executed by:

libssl.so.1.1

(rl->numwpipes > 0)	Description
TRUE	evaluated 47481 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1

21-47502

&& SSL3_BUFFER_get_left(&rl->wbuf[rl->numwpipes - 1]) != 0;

executed 47502 times by 1 test: return (rl->numwpipes > 0) && ((&rl->wbuf[rl->numwpipes - 1])->left) != 0;

Executed by:

libssl.so.1.1

((&rl->wbuf[rl...])->left) != 0	Description
TRUE	never evaluated
FALSE	evaluated 47481 times by 1 test Evaluated by: libssl.so.1.1

0-47502

99 } -

100 -

101 void RECORD_LAYER_reset_read_sequence(RECORD_LAYER *rl) -

102 { -

103 memset(rl->read_sequence, 0, sizeof(rl->read_sequence)); -

104

}

executed 31588 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

31588

105 -

106 void RECORD_LAYER_reset_write_sequence(RECORD_LAYER *rl) -

107 { -

108 memset(rl->write_sequence, 0, sizeof(rl->write_sequence)); -

109

}

executed 21344 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

21344

110 -

111 size_t ssl3_pending(const SSL *s) -

112 { -

113 size_t i, num = 0; -

114 -

115

if (s->rlayer.rstate == SSL_ST_READ_BODY)

s->rlayer.rstate == 0xF1	Description
TRUE	never evaluated
FALSE	evaluated 1570 times by 1 test Evaluated by: libssl.so.1.1

0-1570

116

return 0;

never executed: return 0;

117 -

118

for (i = 0; i < RECORD_LAYER_get_numrpipes(&s->rlayer); i++) {

i < ((&s->rlayer)->numrpipes)	Description
TRUE	evaluated 491 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1277 times by 1 test Evaluated by: libssl.so.1.1

491-1277

119

if (SSL3_RECORD_get_type(&s->rlayer.rrec[i])

((&s->rlayer.r...)->type) != 23	Description
TRUE	evaluated 293 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 198 times by 1 test Evaluated by: libssl.so.1.1

198-293

120

!= SSL3_RT_APPLICATION_DATA)

((&s->rlayer.r...)->type) != 23	Description
TRUE	evaluated 293 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 198 times by 1 test Evaluated by: libssl.so.1.1

198-293

121

return 0;

executed 293 times by 1 test: return 0;

Executed by:

libssl.so.1.1

293

122 num += SSL3_RECORD_get_length(&s->rlayer.rrec[i]); -

123

}

executed 198 times by 1 test: end of block

Executed by:

libssl.so.1.1

198

124 -

125

return num;

executed 1277 times by 1 test: return num;

Executed by:

libssl.so.1.1

1277

126 } -

127 -

128 void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len) -

129 { -

130 ctx->default_read_buf_len = len; -

131

}

never executed: end of block

132 -

133 void SSL_set_default_read_buffer_len(SSL *s, size_t len) -

134 { -

135 SSL3_BUFFER_set_default_len(RECORD_LAYER_get_rbuf(&s->rlayer), len); -

136

}

never executed: end of block

137 -

138 const char *SSL_rstate_string_long(const SSL *s) -

139 { -

140 switch (s->rlayer.rstate) { -

141

case SSL_ST_READ_HEADER:

never executed: case 0xF0:

142

return "read header";

never executed: return "read header";

143

case SSL_ST_READ_BODY:

never executed: case 0xF1:

144

return "read body";

never executed: return "read body";

145

case SSL_ST_READ_DONE:

never executed: case 0xF2:

146

return "read done";

never executed: return "read done";

147

default:

never executed: default:

148

return "unknown";

never executed: return "unknown";

149 } -

150 } -

151 -

152 const char *SSL_rstate_string(const SSL *s) -

153 { -

154 switch (s->rlayer.rstate) { -

155

case SSL_ST_READ_HEADER:

never executed: case 0xF0:

156

return "RH";

never executed: return "RH";

157

case SSL_ST_READ_BODY:

never executed: case 0xF1:

158

return "RB";

never executed: return "RB";

159

case SSL_ST_READ_DONE:

never executed: case 0xF2:

160

return "RD";

never executed: return "RD";

161

default:

never executed: default:

162

return "unknown";

never executed: return "unknown";

163 } -

164 } -

165 -

166 /* -

167 * Return values are as per SSL_read() -

168 */ -

169 int ssl3_read_n(SSL *s, size_t n, size_t max, int extend, int clearold, -

170 size_t *readbytes) -

171 { -

172 /* -

173 * If extend == 0, obtain new n-byte packet; if extend == 1, increase -

174 * packet by another n bytes. The packet will be in the sub-array of -

175 * s->s3->rbuf.buf specified by s->packet and s->packet_length. (If -

176 * s->rlayer.read_ahead is set, 'max' bytes may be stored in rbuf [plus -

177 * s->packet_length bytes if extend == 1].) -

178 * if clearold == 1, move the packet to the start of the buffer; if -

179 * clearold == 0 then leave any old packets where they were -

180 */ -

181 size_t len, left, align = 0; -

182 unsigned char *pkt; -

183 SSL3_BUFFER *rb; -

184 -

185

if (n == 0)

n == 0	Description
TRUE	never evaluated
FALSE	evaluated 138375 times by 1 test Evaluated by: libssl.so.1.1

0-138375

186

return 0;

never executed: return 0;

187 -

188 rb = &s->rlayer.rbuf; -

189

if (rb->buf == NULL)

rb->buf == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 138375 times by 1 test Evaluated by: libssl.so.1.1

0-138375

190

if (!ssl3_setup_read_buffer(s)) {

!ssl3_setup_read_buffer(s)	Description
TRUE	never evaluated
FALSE	never evaluated

191 /* SSLfatal() already called */ -

192

return -1;

never executed: return -1;

193 } -

194 -

195 left = rb->left; -

196 #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 -

197 align = (size_t)rb->buf + SSL3_RT_HEADER_LENGTH; -

198 align = SSL3_ALIGN_PAYLOAD - 1 - ((align - 1) % SSL3_ALIGN_PAYLOAD); -

199 #endif -

200 -

201

if (!extend) {

!extend	Description
TRUE	evaluated 79692 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 58683 times by 1 test Evaluated by: libssl.so.1.1

58683-79692

202 /* start with empty packet ... */ -

203

if (left == 0)

left == 0	Description
TRUE	evaluated 75549 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 4143 times by 1 test Evaluated by: libssl.so.1.1

4143-75549

204

rb->offset = align;

executed 75549 times by 1 test: rb->offset = align;

Executed by:

libssl.so.1.1

75549

205

else if (align != 0 && left >= SSL3_RT_HEADER_LENGTH) {

align != 0	Description
TRUE	evaluated 4143 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

left >= 5	Description
TRUE	evaluated 1960 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2183 times by 1 test Evaluated by: libssl.so.1.1

0-4143

206 /* -

207 * check if next packet length is large enough to justify payload -

208 * alignment... -

209 */ -

210 pkt = rb->buf + rb->offset; -

211

if (pkt[0] == SSL3_RT_APPLICATION_DATA

pkt[0] == 23	Description
TRUE	evaluated 175 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1785 times by 1 test Evaluated by: libssl.so.1.1

175-1785

212

&& (pkt[3] << 8 | pkt[4]) >= 128) {

(pkt[3] << 8 \| pkt[4]) >= 128	Description
TRUE	evaluated 42 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 133 times by 1 test Evaluated by: libssl.so.1.1

42-133

213 /* -

214 * Note that even if packet is corrupted and its length field -

215 * is insane, we can only be led to wrong decision about -

216 * whether memmove will occur or not. Header values has no -

217 * effect on memmove arguments and therefore no buffer -

218 * overrun can be triggered. -

219 */ -

220 memmove(rb->buf + align, pkt, left); -

221 rb->offset = align; -

222

}

executed 42 times by 1 test: end of block

Executed by:

libssl.so.1.1

223

}

executed 1960 times by 1 test: end of block

Executed by:

libssl.so.1.1

1960

224 s->rlayer.packet = rb->buf + rb->offset; -

225 s->rlayer.packet_length = 0; -

226 /* ... now we can act as if 'extend' was set */ -

227

}

executed 79692 times by 1 test: end of block

Executed by:

libssl.so.1.1

79692

228 -

229 len = s->rlayer.packet_length; -

230 pkt = rb->buf + align; -

231 /* -

232 * Move any available bytes to front of buffer: 'len' bytes already -

233 * pointed to by 'packet', 'left' extra ones at the end -

234 */ -

235

if (s->rlayer.packet != pkt && clearold == 1) {

s->rlayer.packet != pkt	Description
TRUE	evaluated 1921 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 136454 times by 1 test Evaluated by: libssl.so.1.1

clearold == 1	Description
TRUE	evaluated 1921 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-136454

236 memmove(pkt, s->rlayer.packet, len + left); -

237 s->rlayer.packet = pkt; -

238 rb->offset = len + align; -

239

}

executed 1921 times by 1 test: end of block

Executed by:

libssl.so.1.1

1921

240 -

241 /* -

242 * For DTLS/UDP reads should not span multiple packets because the read -

243 * operation returns the whole packet at once (as long as it fits into -

244 * the buffer). -

245 */ -

246

if (SSL_IS_DTLS(s)) {

(s->method->ss...c_flags & 0x8)	Description
TRUE	evaluated 8127 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 130248 times by 1 test Evaluated by: libssl.so.1.1

8127-130248

247

if (left == 0 && extend)

left == 0	Description
TRUE	evaluated 2955 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 5172 times by 1 test Evaluated by: libssl.so.1.1

extend	Description
TRUE	never evaluated
FALSE	evaluated 2955 times by 1 test Evaluated by: libssl.so.1.1

0-5172

248

return 0;

never executed: return 0;

249

if (left > 0 && n > left)

left > 0	Description
TRUE	evaluated 5172 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2955 times by 1 test Evaluated by: libssl.so.1.1

n > left	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 5168 times by 1 test Evaluated by: libssl.so.1.1

4-5172

250

n = left;

executed 4 times by 1 test: n = left;

Executed by:

libssl.so.1.1

251

}

executed 8127 times by 1 test: end of block

Executed by:

libssl.so.1.1

8127

252 -

253 /* if there is enough in the buffer from a previous read, take some */ -

254

if (left >= n) {

left >= n	Description
TRUE	evaluated 5757 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 132618 times by 1 test Evaluated by: libssl.so.1.1

5757-132618

255 s->rlayer.packet_length += n; -

256 rb->left = left - n; -

257 rb->offset += n; -

258 *readbytes = n; -

259

return 1;

executed 5757 times by 1 test: return 1;

Executed by:

libssl.so.1.1

5757

260 } -

261 -

262 /* else we need to read more data */ -

263 -

264

if (n > rb->len - rb->offset) {

n > rb->len - rb->offset	Description
TRUE	never evaluated
FALSE	evaluated 132618 times by 1 test Evaluated by: libssl.so.1.1

0-132618

265 /* does not happen */ -

266 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_N, -

267 ERR_R_INTERNAL_ERROR); -

268

return -1;

never executed: return -1;

269 } -

270 -

271 /* We always act like read_ahead is set for DTLS */ -

272

if (!s->rlayer.read_ahead && !SSL_IS_DTLS(s))

!s->rlayer.read_ahead	Description
TRUE	evaluated 132364 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 254 times by 1 test Evaluated by: libssl.so.1.1

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 129409 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2955 times by 1 test Evaluated by: libssl.so.1.1

254-132364

273 /* ignore max parameter */ -

274

max = n;

executed 129409 times by 1 test: max = n;

Executed by:

libssl.so.1.1

129409

275 else { -

276

if (max < n)

max < n	Description
TRUE	never evaluated
FALSE	evaluated 3209 times by 1 test Evaluated by: libssl.so.1.1

0-3209

277

max = n;

never executed: max = n;

278

if (max > rb->len - rb->offset)

max > rb->len - rb->offset	Description
TRUE	evaluated 3208 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

1-3208

279

max = rb->len - rb->offset;

executed 3208 times by 1 test: max = rb->len - rb->offset;

Executed by:

libssl.so.1.1

3208

280

}

executed 3209 times by 1 test: end of block

Executed by:

libssl.so.1.1

3209

281 -

282

while (left < n) {

left < n	Description
TRUE	evaluated 138866 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 102865 times by 1 test Evaluated by: libssl.so.1.1

102865-138866

283 size_t bioread = 0; -

284 int ret; -

285 -

286 /* -

287 * Now we have len+left bytes at the front of s->s3->rbuf.buf and -

288 * need to read in more until we have len+n (up to len+max if -

289 * possible) -

290 */ -

291 -

292 clear_sys_error(); -

293

if (s->rbio != NULL) {

s->rbio != ((void *)0)	Description
TRUE	evaluated 138866 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-138866

294 s->rwstate = SSL_READING; -

295 /* TODO(size_t): Convert this function */ -

296 ret = BIO_read(s->rbio, pkt + len + left, max - left); -

297

if (ret >= 0)

ret >= 0	Description
TRUE	evaluated 118038 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 20828 times by 1 test Evaluated by: libssl.so.1.1

20828-118038

298

bioread = ret;

executed 118038 times by 1 test: bioread = ret;

Executed by:

libssl.so.1.1

118038

299

} else {

executed 138866 times by 1 test: end of block

Executed by:

libssl.so.1.1

138866

300 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_N, -

301 SSL_R_READ_BIO_NOT_SET); -

302 ret = -1; -

303

}

never executed: end of block

304 -

305

if (ret <= 0) {

ret <= 0	Description
TRUE	evaluated 29753 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 109113 times by 1 test Evaluated by: libssl.so.1.1

29753-109113

306 rb->left = left; -

307

if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s))

s->mode & 0x00000010U	Description
TRUE	never evaluated
FALSE	evaluated 29753 times by 1 test Evaluated by: libssl.so.1.1

!(s->method->s...c_flags & 0x8)	Description
TRUE	never evaluated
FALSE	never evaluated

0-29753

308

if (len + left == 0)

len + left == 0	Description
TRUE	never evaluated
FALSE	never evaluated

309

ssl3_release_read_buffer(s);

never executed: ssl3_release_read_buffer(s);

310

return ret;

executed 29753 times by 1 test: return ret;

Executed by:

libssl.so.1.1

29753

311 } -

312 left += bioread; -

313 /* -

314 * reads should *never* span multiple packets for DTLS because the -

315 * underlying transport protocol is message oriented as opposed to -

316 * byte oriented as in the TLS case. -

317 */ -

318

if (SSL_IS_DTLS(s)) {

(s->method->ss...c_flags & 0x8)	Description
TRUE	evaluated 1751 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 107362 times by 1 test Evaluated by: libssl.so.1.1

1751-107362

319

if (n > left)

n > left	Description
TRUE	never evaluated
FALSE	evaluated 1751 times by 1 test Evaluated by: libssl.so.1.1

0-1751

320

n = left; /* makes the while condition false */

never executed: n = left;

321

}

executed 1751 times by 1 test: end of block

Executed by:

libssl.so.1.1

1751

322

}

executed 109113 times by 1 test: end of block

Executed by:

libssl.so.1.1

109113

323 -

324 /* done reading, now the book-keeping */ -

325 rb->offset += n; -

326 rb->left = left - n; -

327 s->rlayer.packet_length += n; -

328 s->rwstate = SSL_NOTHING; -

329 *readbytes = n; -

330

return 1;

executed 102865 times by 1 test: return 1;

Executed by:

libssl.so.1.1

102865

331 } -

332 -

333 /* -

334 * Call this to write data in records of type 'type' It will return <= 0 if -

335 * not all data has been sent or non-blocking IO. -

336 */ -

337 int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len, -

338 size_t *written) -

339 { -

340 const unsigned char *buf = buf_; -

341 size_t tot; -

342 size_t n, max_send_fragment, split_send_fragment, maxpipes; -

343 #if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK -

344 size_t nw; -

345 #endif -

346 SSL3_BUFFER *wb = &s->rlayer.wbuf[0]; -

347 int i; -

348 size_t tmpwrit; -

349 -

350 s->rwstate = SSL_NOTHING; -

351 tot = s->rlayer.wnum; -

352 /* -

353 * ensure that if we end up with a smaller value of data to write out -

354 * than the original len from a write which didn't complete for -

355 * non-blocking I/O and also somehow ended up avoiding the check for -

356 * this in ssl3_write_pending/SSL_R_BAD_WRITE_RETRY as it must never be -

357 * possible to end up with (len-tot) as a large number that will then -

358 * promptly send beyond the end of the users buffer ... so we trap and -

359 * report the error in a way the user will notice -

360 */ -

361

if ((len < s->rlayer.wnum)

(len < s->rlayer.wnum)	Description
TRUE	never evaluated
FALSE	evaluated 29362 times by 1 test Evaluated by: libssl.so.1.1

0-29362

362

|| ((wb->left != 0) && (len < (s->rlayer.wnum + s->rlayer.wpend_tot)))) {

(wb->left != 0)	Description
TRUE	evaluated 499 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 28863 times by 1 test Evaluated by: libssl.so.1.1

(len < (s->rla...er.wpend_tot))	Description
TRUE	never evaluated
FALSE	evaluated 499 times by 1 test Evaluated by: libssl.so.1.1

0-28863

363 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_WRITE_BYTES, -

364 SSL_R_BAD_LENGTH); -

365

return -1;

never executed: return -1;

366 } -

367 -

368

if (s->early_data_state == SSL_EARLY_DATA_WRITING

s->early_data_...Y_DATA_WRITING	Description
TRUE	evaluated 53 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 29309 times by 1 test Evaluated by: libssl.so.1.1

53-29309

369

&& !early_data_count_ok(s, len, 0, 1)) {

!early_data_co...(s, len, 0, 1)	Description
TRUE	never evaluated
FALSE	evaluated 53 times by 1 test Evaluated by: libssl.so.1.1

0-53

370 /* SSLfatal() already called */ -

371

return -1;

never executed: return -1;

372 } -

373 -

374 s->rlayer.wnum = 0; -

375 -

376 /* -

377 * When writing early data on the server side we could be "in_init" in -

378 * between receiving the EoED and the CF - but we don't want to handle those -

379 * messages yet. -

380 */ -

381

if (SSL_in_init(s) && !ossl_statem_get_in_handshake(s)

SSL_in_init(s)	Description
TRUE	evaluated 26538 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2824 times by 1 test Evaluated by: libssl.so.1.1

!ossl_statem_g...n_handshake(s)	Description
TRUE	evaluated 2504 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 24034 times by 1 test Evaluated by: libssl.so.1.1

2504-26538

382

&& s->early_data_state != SSL_EARLY_DATA_UNAUTH_WRITING) {

s->early_data_...UNAUTH_WRITING	Description
TRUE	evaluated 2501 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

3-2501

383 i = s->handshake_func(s); -

384 /* SSLfatal() already called */ -

385

if (i < 0)

i < 0	Description
TRUE	evaluated 2172 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 329 times by 1 test Evaluated by: libssl.so.1.1

329-2172

386

return i;

executed 2172 times by 1 test: return i;

Executed by:

libssl.so.1.1

2172

387

if (i == 0) {

i == 0	Description
TRUE	never evaluated
FALSE	evaluated 329 times by 1 test Evaluated by: libssl.so.1.1

0-329

388

return -1;

never executed: return -1;

389 } -

390

}

executed 329 times by 1 test: end of block

Executed by:

libssl.so.1.1

329

391 -

392 /* -

393 * first check if there is a SSL3_BUFFER still being written out. This -

394 * will happen with non blocking IO -

395 */ -

396

if (wb->left != 0) {

wb->left != 0	Description
TRUE	evaluated 445 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 26745 times by 1 test Evaluated by: libssl.so.1.1

445-26745

397 /* SSLfatal() already called if appropriate */ -

398 i = ssl3_write_pending(s, type, &buf[tot], s->rlayer.wpend_tot, -

399 &tmpwrit); -

400

if (i <= 0) {

i <= 0	Description
TRUE	evaluated 353 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 92 times by 1 test Evaluated by: libssl.so.1.1

92-353

401 /* XXX should we ssl3_release_write_buffer if i<0? */ -

402 s->rlayer.wnum = tot; -

403

return i;

executed 353 times by 1 test: return i;

Executed by:

libssl.so.1.1

353

404 } -

405 tot += tmpwrit; /* this might be last fragment */ -

406

}

executed 92 times by 1 test: end of block

Executed by:

libssl.so.1.1

407 #if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK -

408 /* -

409 * Depending on platform multi-block can deliver several *times* -

410 * better performance. Downside is that it has to allocate -

411 * jumbo buffer to accommodate up to 8 records, but the -

412 * compromise is considered worthy. -

413 */ -

414

if (type == SSL3_RT_APPLICATION_DATA &&

type == 23	Description
TRUE	evaluated 2803 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 24034 times by 1 test Evaluated by: libssl.so.1.1

2803-24034

415

len >= 4 * (max_send_fragment = ssl_get_max_send_fragment(s)) &&

len >= 4 * (ma...d_fragment(s))	Description
TRUE	evaluated 234 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2569 times by 1 test Evaluated by: libssl.so.1.1

234-2569

416

s->compress == NULL && s->msg_callback == NULL &&

s->compress == ((void *)0)	Description
TRUE	evaluated 234 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

s->msg_callback == ((void *)0)	Description
TRUE	evaluated 234 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-234

417

!SSL_WRITE_ETM(s) && SSL_USE_EXPLICIT_IV(s) &&

!(s->s3->flags & 0x0400)	Description
TRUE	evaluated 106 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 128 times by 1 test Evaluated by: libssl.so.1.1

(s->method->ss...c_flags & 0x1)	Description
TRUE	never evaluated
FALSE	evaluated 106 times by 1 test Evaluated by: libssl.so.1.1

0-128

418

EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_write_ctx)) &

EVP_CIPHER_fla...x)) & 0x400000	Description
TRUE	never evaluated
FALSE	never evaluated

419

EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) {

EVP_CIPHER_fla...x)) & 0x400000	Description
TRUE	never evaluated
FALSE	never evaluated

420 unsigned char aad[13]; -

421 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; -

422 size_t packlen; -

423 int packleni; -

424 -

425 /* minimize address aliasing conflicts */ -

426

if ((max_send_fragment & 0xfff) == 0)

(max_send_frag... & 0xfff) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

427

max_send_fragment -= 512;

never executed: max_send_fragment -= 512;

428 -

429

if (tot == 0 || wb->buf == NULL) { /* allocate jumbo buffer */

tot == 0	Description
TRUE	never evaluated
FALSE	never evaluated

wb->buf == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

430 ssl3_release_write_buffer(s); -

431 -

432 packlen = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx, -

433 EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE, -

434 (int)max_send_fragment, NULL); -

435 -

436

if (len >= 8 * max_send_fragment)

len >= 8 * max_send_fragment	Description
TRUE	never evaluated
FALSE	never evaluated

437

packlen *= 8;

never executed: packlen *= 8;

438 else -

439

packlen *= 4;

never executed: packlen *= 4;

440 -

441

if (!ssl3_setup_write_buffer(s, 1, packlen)) {

!ssl3_setup_wr...s, 1, packlen)	Description
TRUE	never evaluated
FALSE	never evaluated

442 /* SSLfatal() already called */ -

443

return -1;

never executed: return -1;

444 } -

445

} else if (tot == len) { /* done? */

never executed: end of block

tot == len	Description
TRUE	never evaluated
FALSE	never evaluated

446 /* free jumbo buffer */ -

447 ssl3_release_write_buffer(s); -

448 *written = tot; -

449

return 1;

never executed: return 1;

450 } -

451 -

452 n = (len - tot); -

453 for (;;) { -

454

if (n < 4 * max_send_fragment) {

n < 4 * max_send_fragment	Description
TRUE	never evaluated
FALSE	never evaluated

455 /* free jumbo buffer */ -

456 ssl3_release_write_buffer(s); -

457

break;

never executed: break;

458 } -

459 -

460

if (s->s3->alert_dispatch) {

s->s3->alert_dispatch	Description
TRUE	never evaluated
FALSE	never evaluated

461 i = s->method->ssl_dispatch_alert(s); -

462

if (i <= 0) {

i <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

463 /* SSLfatal() already called if appropriate */ -

464 s->rlayer.wnum = tot; -

465

return i;

never executed: return i;

466 } -

467

}

never executed: end of block

468 -

469

if (n >= 8 * max_send_fragment)

n >= 8 * max_send_fragment	Description
TRUE	never evaluated
FALSE	never evaluated

470

nw = max_send_fragment * (mb_param.interleave = 8);

never executed: nw = max_send_fragment * (mb_param.interleave = 8);

471 else -

472

nw = max_send_fragment * (mb_param.interleave = 4);

never executed: nw = max_send_fragment * (mb_param.interleave = 4);

473 -

474 memcpy(aad, s->rlayer.write_sequence, 8); -

475 aad[8] = type; -

476 aad[9] = (unsigned char)(s->version >> 8); -

477 aad[10] = (unsigned char)(s->version); -

478 aad[11] = 0; -

479 aad[12] = 0; -

480 mb_param.out = NULL; -

481 mb_param.inp = aad; -

482 mb_param.len = nw; -

483 -

484 packleni = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx, -

485 EVP_CTRL_TLS1_1_MULTIBLOCK_AAD, -

486 sizeof(mb_param), &mb_param); -

487 packlen = (size_t)packleni; -

488

if (packleni <= 0 || packlen > wb->len) { /* never happens */

packleni <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

packlen > wb->len	Description
TRUE	never evaluated
FALSE	never evaluated

489 /* free jumbo buffer */ -

490 ssl3_release_write_buffer(s); -

491

break;

never executed: break;

492 } -

493 -

494 mb_param.out = wb->buf; -

495 mb_param.inp = &buf[tot]; -

496 mb_param.len = nw; -

497 -

498

if (EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,

EVP_CIPHER_CTX...mb_param) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

499

EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,

EVP_CIPHER_CTX...mb_param) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

500

sizeof(mb_param), &mb_param) <= 0)

EVP_CIPHER_CTX...mb_param) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

501

return -1;

never executed: return -1;

502 -

503 s->rlayer.write_sequence[7] += mb_param.interleave; -

504

if (s->rlayer.write_sequence[7] < mb_param.interleave) {

s->rlayer.writ...ram.interleave	Description
TRUE	never evaluated
FALSE	never evaluated

505 int j = 6; -

506

while (j >= 0 && (++s->rlayer.write_sequence[j--]) == 0) ;

never executed: ;

j >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

(++s->rlayer.w...nce[j--]) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

507

}

never executed: end of block

508 -

509 wb->offset = 0; -

510 wb->left = packlen; -

511 -

512 s->rlayer.wpend_tot = nw; -

513 s->rlayer.wpend_buf = &buf[tot]; -

514 s->rlayer.wpend_type = type; -

515 s->rlayer.wpend_ret = nw; -

516 -

517 i = ssl3_write_pending(s, type, &buf[tot], nw, &tmpwrit); -

518

if (i <= 0) {

i <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

519 /* SSLfatal() already called if appropriate */ -

520

if (i < 0 && (!s->wbio || !BIO_should_retry(s->wbio))) {

i < 0	Description
TRUE	never evaluated
FALSE	never evaluated

!s->wbio	Description
TRUE	never evaluated
FALSE	never evaluated

!BIO_test_flags(s->wbio, 0x08)	Description
TRUE	never evaluated
FALSE	never evaluated

521 /* free jumbo buffer */ -

522 ssl3_release_write_buffer(s); -

523

}

never executed: end of block

524 s->rlayer.wnum = tot; -

525

return i;

never executed: return i;

526 } -

527

if (tmpwrit == n) {

tmpwrit == n	Description
TRUE	never evaluated
FALSE	never evaluated

528 /* free jumbo buffer */ -

529 ssl3_release_write_buffer(s); -

530 *written = tot + tmpwrit; -

531

return 1;

never executed: return 1;

532 } -

533 n -= tmpwrit; -

534 tot += tmpwrit; -

535

}

never executed: end of block

536

} else

never executed: end of block

537 #endif /* !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK */ -

538

if (tot == len) { /* done? */

tot == len	Description
TRUE	evaluated 218 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 26619 times by 1 test Evaluated by: libssl.so.1.1

218-26619

539

if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s))

s->mode & 0x00000010U	Description
TRUE	never evaluated
FALSE	evaluated 218 times by 1 test Evaluated by: libssl.so.1.1

!(s->method->s...c_flags & 0x8)	Description
TRUE	never evaluated
FALSE	never evaluated

0-218

540

ssl3_release_write_buffer(s);

never executed: ssl3_release_write_buffer(s);

541 -

542 *written = tot; -

543

return 1;

executed 218 times by 1 test: return 1;

Executed by:

libssl.so.1.1

218

544 } -

545 -

546 n = (len - tot); -

547 -

548 max_send_fragment = ssl_get_max_send_fragment(s); -

549 split_send_fragment = ssl_get_split_send_fragment(s); -

550 /* -

551 * If max_pipelines is 0 then this means "undefined" and we default to -

552 * 1 pipeline. Similarly if the cipher does not support pipelined -

553 * processing then we also only use 1 pipeline, or if we're not using -

554 * explicit IVs -

555 */ -

556 maxpipes = s->max_pipelines; -

557

if (maxpipes > SSL_MAX_PIPELINES) {

maxpipes > 32	Description
TRUE	never evaluated
FALSE	evaluated 26619 times by 1 test Evaluated by: libssl.so.1.1

0-26619

558 /* -

559 * We should have prevented this when we set max_pipelines so we -

560 * shouldn't get here -

561 */ -

562 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_WRITE_BYTES, -

563 ERR_R_INTERNAL_ERROR); -

564

return -1;

never executed: return -1;

565 } -

566

if (maxpipes == 0

maxpipes == 0	Description
TRUE	evaluated 26619 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-26619

567

|| s->enc_write_ctx == NULL

s->enc_write_c...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

568

|| !(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_write_ctx))

!(EVP_CIPHER_f...)) & 0X800000)	Description
TRUE	never evaluated
FALSE	never evaluated

569

& EVP_CIPH_FLAG_PIPELINE)

!(EVP_CIPHER_f...)) & 0X800000)	Description
TRUE	never evaluated
FALSE	never evaluated

570

|| !SSL_USE_EXPLICIT_IV(s))

!(s->method->s...c_flags & 0x1)	Description
TRUE	never evaluated
FALSE	never evaluated

571

maxpipes = 1;

executed 26619 times by 1 test: maxpipes = 1;

Executed by:

libssl.so.1.1

26619

572

if (max_send_fragment == 0 || split_send_fragment == 0

max_send_fragment == 0	Description
TRUE	never evaluated
FALSE	evaluated 26619 times by 1 test Evaluated by: libssl.so.1.1

split_send_fragment == 0	Description
TRUE	never evaluated
FALSE	evaluated 26619 times by 1 test Evaluated by: libssl.so.1.1

0-26619

573

|| split_send_fragment > max_send_fragment) {

split_send_fra..._send_fragment	Description
TRUE	never evaluated
FALSE	evaluated 26619 times by 1 test Evaluated by: libssl.so.1.1

0-26619

574 /* -

575 * We should have prevented this when we set/get the split and max send -

576 * fragments so we shouldn't get here -

577 */ -

578 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_WRITE_BYTES, -

579 ERR_R_INTERNAL_ERROR); -

580

return -1;

never executed: return -1;

581 } -

582 -

583 for (;;) { -

584 size_t pipelens[SSL_MAX_PIPELINES], tmppipelen, remain; -

585 size_t numpipes, j; -

586 -

587

if (n == 0)

n == 0	Description
TRUE	never evaluated
FALSE	evaluated 34563 times by 1 test Evaluated by: libssl.so.1.1

0-34563

588

numpipes = 1;

never executed: numpipes = 1;

589 else -

590

numpipes = ((n - 1) / split_send_fragment) + 1;

executed 34563 times by 1 test: numpipes = ((n - 1) / split_send_fragment) + 1;

Executed by:

libssl.so.1.1

34563

591

if (numpipes > maxpipes)

numpipes > maxpipes	Description
TRUE	evaluated 7944 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 26619 times by 1 test Evaluated by: libssl.so.1.1

7944-26619

592

numpipes = maxpipes;

executed 7944 times by 1 test: numpipes = maxpipes;

Executed by:

libssl.so.1.1

7944

593 -

594

if (n / numpipes >= max_send_fragment) {

n / numpipes >..._send_fragment	Description
TRUE	evaluated 8084 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 26479 times by 1 test Evaluated by: libssl.so.1.1

8084-26479

595 /* -

596 * We have enough data to completely fill all available -

597 * pipelines -

598 */ -

599

for (j = 0; j < numpipes; j++) {

j < numpipes	Description
TRUE	evaluated 8084 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 8084 times by 1 test Evaluated by: libssl.so.1.1

8084

600 pipelens[j] = max_send_fragment; -

601

}

executed 8084 times by 1 test: end of block

Executed by:

libssl.so.1.1

8084

602

} else {

executed 8084 times by 1 test: end of block

Executed by:

libssl.so.1.1

8084

603 /* We can partially fill all available pipelines */ -

604 tmppipelen = n / numpipes; -

605 remain = n % numpipes; -

606

for (j = 0; j < numpipes; j++) {

j < numpipes	Description
TRUE	evaluated 26479 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 26479 times by 1 test Evaluated by: libssl.so.1.1

26479

607 pipelens[j] = tmppipelen; -

608

if (j < remain)

j < remain	Description
TRUE	never evaluated
FALSE	evaluated 26479 times by 1 test Evaluated by: libssl.so.1.1

0-26479

609

pipelens[j]++;

never executed: pipelens[j]++;

610

}

executed 26479 times by 1 test: end of block

Executed by:

libssl.so.1.1

26479

611

}

executed 26479 times by 1 test: end of block

Executed by:

libssl.so.1.1

26479

612 -

613 i = do_ssl3_write(s, type, &(buf[tot]), pipelens, numpipes, 0, -

614 &tmpwrit); -

615

if (i <= 0) {

i <= 0	Description
TRUE	evaluated 92 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 34471 times by 1 test Evaluated by: libssl.so.1.1

92-34471

616 /* SSLfatal() already called if appropriate */ -

617 /* XXX should we ssl3_release_write_buffer if i<0? */ -

618 s->rlayer.wnum = tot; -

619

return i;

executed 92 times by 1 test: return i;

Executed by:

libssl.so.1.1

620 } -

621 -

622

if (tmpwrit == n ||

tmpwrit == n	Description
TRUE	evaluated 26527 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 7944 times by 1 test Evaluated by: libssl.so.1.1

7944-26527

623

(type == SSL3_RT_APPLICATION_DATA &&

type == 23	Description
TRUE	evaluated 6950 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 994 times by 1 test Evaluated by: libssl.so.1.1

994-6950

624

(s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) {

(s->mode & 0x00000001U)	Description
TRUE	never evaluated
FALSE	evaluated 6950 times by 1 test Evaluated by: libssl.so.1.1

0-6950

625 /* -

626 * next chunk of data should get another prepended empty fragment -

627 * in ciphersuites with known-IV weakness: -

628 */ -

629 s->s3->empty_fragment_done = 0; -

630 -

631

if ((i == (int)n) && s->mode & SSL_MODE_RELEASE_BUFFERS &&

(i == (int)n)	Description
TRUE	evaluated 4329 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 22198 times by 1 test Evaluated by: libssl.so.1.1

s->mode & 0x00000010U	Description
TRUE	never evaluated
FALSE	evaluated 4329 times by 1 test Evaluated by: libssl.so.1.1

0-22198

632

!SSL_IS_DTLS(s))

!(s->method->s...c_flags & 0x8)	Description
TRUE	never evaluated
FALSE	never evaluated

633

ssl3_release_write_buffer(s);

never executed: ssl3_release_write_buffer(s);

634 -

635 *written = tot + tmpwrit; -

636

return 1;

executed 26527 times by 1 test: return 1;

Executed by:

libssl.so.1.1

26527

637 } -

638 -

639 n -= tmpwrit; -

640 tot += tmpwrit; -

641

}

executed 7944 times by 1 test: end of block

Executed by:

libssl.so.1.1

7944

642

}

never executed: end of block

643 -

644 int do_ssl3_write(SSL *s, int type, const unsigned char *buf, -

645 size_t *pipelens, size_t numpipes, -

646 int create_empty_fragment, size_t *written) -

647 { -

648 WPACKET pkt[SSL_MAX_PIPELINES]; -

649 SSL3_RECORD wr[SSL_MAX_PIPELINES]; -

650 WPACKET *thispkt; -

651 SSL3_RECORD *thiswr; -

652 unsigned char *recordstart; -

653 int i, mac_size, clear = 0; -

654 size_t prefix_len = 0; -

655 int eivlen = 0; -

656 size_t align = 0; -

657 SSL3_BUFFER *wb; -

658 SSL_SESSION *sess; -

659 size_t totlen = 0, len, wpinited = 0; -

660 size_t j; -

661 -

662

for (j = 0; j < numpipes; j++)

j < numpipes	Description
TRUE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

41051

663

totlen += pipelens[j];

executed 41051 times by 1 test: totlen += pipelens[j];

Executed by:

libssl.so.1.1

41051

664 /* -

665 * first check if there is a SSL3_BUFFER still being written out. This -

666 * will happen with non blocking IO -

667 */ -

668

if (RECORD_LAYER_write_pending(&s->rlayer)) {

RECORD_LAYER_w...ng(&s->rlayer)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

669 /* Calls SSLfatal() as required */ -

670

return ssl3_write_pending(s, type, buf, totlen, written);

never executed: return ssl3_write_pending(s, type, buf, totlen, written);

671 } -

672 -

673 /* If we have an alert to send, lets send it */ -

674

if (s->s3->alert_dispatch) {

s->s3->alert_dispatch	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

675 i = s->method->ssl_dispatch_alert(s); -

676

if (i <= 0) {

i <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

677 /* SSLfatal() already called if appropriate */ -

678

return i;

never executed: return i;

679 } -

680 /* if it went, fall through and send more stuff */ -

681

}

never executed: end of block

682 -

683

if (s->rlayer.numwpipes < numpipes) {

s->rlayer.numwpipes < numpipes	Description
TRUE	evaluated 12 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 41039 times by 1 test Evaluated by: libssl.so.1.1

12-41039

684

if (!ssl3_setup_write_buffer(s, numpipes, 0)) {

!ssl3_setup_wr..., numpipes, 0)	Description
TRUE	never evaluated
FALSE	evaluated 12 times by 1 test Evaluated by: libssl.so.1.1

0-12

685 /* SSLfatal() already called */ -

686

return -1;

never executed: return -1;

687 } -

688

}

executed 12 times by 1 test: end of block

Executed by:

libssl.so.1.1

689 -

690

if (totlen == 0 && !create_empty_fragment)

totlen == 0	Description
TRUE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40701 times by 1 test Evaluated by: libssl.so.1.1

!create_empty_fragment	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-40701

691

return 0;

never executed: return 0;

692 -

693 sess = s->session; -

694 -

695

if ((sess == NULL) ||

(sess == ((void *)0) )	Description
TRUE	evaluated 965 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40086 times by 1 test Evaluated by: libssl.so.1.1

965-40086

696

(s->enc_write_ctx == NULL) || (EVP_MD_CTX_md(s->write_hash) == NULL)) {

(s->enc_write_... ((void *)0) )	Description
TRUE	evaluated 19866 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 20220 times by 1 test Evaluated by: libssl.so.1.1

(EVP_MD_CTX_md... ((void *)0) )	Description
TRUE	evaluated 14738 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 5482 times by 1 test Evaluated by: libssl.so.1.1

5482-20220

697

clear = s->enc_write_ctx ? 0 : 1; /* must be AEAD cipher */

s->enc_write_ctx	Description
TRUE	evaluated 14738 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 20831 times by 1 test Evaluated by: libssl.so.1.1

14738-20831

698 mac_size = 0; -

699

} else {

executed 35569 times by 1 test: end of block

Executed by:

libssl.so.1.1

35569

700 /* TODO(siz_t): Convert me */ -

701 mac_size = EVP_MD_CTX_size(s->write_hash); -

702

if (mac_size < 0) {

mac_size < 0	Description
TRUE	never evaluated
FALSE	evaluated 5482 times by 1 test Evaluated by: libssl.so.1.1

0-5482

703 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

704 ERR_R_INTERNAL_ERROR); -

705

goto err;

never executed: goto err;

706 } -

707

}

executed 5482 times by 1 test: end of block

Executed by:

libssl.so.1.1

5482

708 -

709 /* -

710 * 'create_empty_fragment' is true only when this function calls itself -

711 */ -

712

if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done) {

!clear	Description
TRUE	evaluated 20220 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 20831 times by 1 test Evaluated by: libssl.so.1.1

!create_empty_fragment	Description
TRUE	evaluated 19870 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

!s->s3->empty_fragment_done	Description
TRUE	evaluated 12465 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 7405 times by 1 test Evaluated by: libssl.so.1.1

350-20831

713 /* -

714 * countermeasure against known-IV weakness in CBC ciphersuites (see -

715 * http://www.openssl.org/~bodo/tls-cbc.txt) -

716 */ -

717 -

718

if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA) {

s->s3->need_empty_fragments	Description
TRUE	evaluated 1111 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 11354 times by 1 test Evaluated by: libssl.so.1.1

type == 23	Description
TRUE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 761 times by 1 test Evaluated by: libssl.so.1.1

350-11354

719 /* -

720 * recursive function call with 'create_empty_fragment' set; this -

721 * prepares and buffers the data for an empty fragment (these -

722 * 'prefix_len' bytes are sent out later together with the actual -

723 * payload) -

724 */ -

725 size_t tmppipelen = 0; -

726 int ret; -

727 -

728 ret = do_ssl3_write(s, type, buf, &tmppipelen, 1, 1, &prefix_len); -

729

if (ret <= 0) {

ret <= 0	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

730 /* SSLfatal() already called if appropriate */ -

731

goto err;

never executed: goto err;

732 } -

733 -

734

if (prefix_len >

prefix_len > (5 + (16 + 64))	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

735

(SSL3_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD)) {

prefix_len > (5 + (16 + 64))	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

736 /* insufficient space */ -

737 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

738 ERR_R_INTERNAL_ERROR); -

739

goto err;

never executed: goto err;

740 } -

741

}

executed 350 times by 1 test: end of block

Executed by:

libssl.so.1.1

350

742 -

743 s->s3->empty_fragment_done = 1; -

744

}

executed 12465 times by 1 test: end of block

Executed by:

libssl.so.1.1

12465

745 -

746

if (create_empty_fragment) {

create_empty_fragment	Description
TRUE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40701 times by 1 test Evaluated by: libssl.so.1.1

350-40701

747 wb = &s->rlayer.wbuf[0]; -

748 #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 -

749 /* -

750 * extra fragment would be couple of cipher blocks, which would be -

751 * multiple of SSL3_ALIGN_PAYLOAD, so if we want to align the real -

752 * payload, then we can just pretend we simply have two headers. -

753 */ -

754 align = (size_t)SSL3_BUFFER_get_buf(wb) + 2 * SSL3_RT_HEADER_LENGTH; -

755 align = SSL3_ALIGN_PAYLOAD - 1 - ((align - 1) % SSL3_ALIGN_PAYLOAD); -

756 #endif -

757 SSL3_BUFFER_set_offset(wb, align); -

758

if (!WPACKET_init_static_len(&pkt[0], SSL3_BUFFER_get_buf(wb),

!WPACKET_init_...(wb)->len), 0)	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

759

SSL3_BUFFER_get_len(wb), 0)

!WPACKET_init_...(wb)->len), 0)	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

760

|| !WPACKET_allocate_bytes(&pkt[0], align, NULL)) {

!WPACKET_alloc... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

761 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

762 ERR_R_INTERNAL_ERROR); -

763

goto err;

never executed: goto err;

764 } -

765 wpinited = 1; -

766

} else if (prefix_len) {

executed 350 times by 1 test: end of block

Executed by:

libssl.so.1.1

prefix_len	Description
TRUE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40351 times by 1 test Evaluated by: libssl.so.1.1

350-40351

767 wb = &s->rlayer.wbuf[0]; -

768

if (!WPACKET_init_static_len(&pkt[0],

!WPACKET_init_...(wb)->len), 0)	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

769

SSL3_BUFFER_get_buf(wb),

!WPACKET_init_...(wb)->len), 0)	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

770

SSL3_BUFFER_get_len(wb), 0)

!WPACKET_init_...(wb)->len), 0)	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

771

|| !WPACKET_allocate_bytes(&pkt[0], SSL3_BUFFER_get_offset(wb)

!WPACKET_alloc... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

772

+ prefix_len, NULL)) {

!WPACKET_alloc... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

773 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

774 ERR_R_INTERNAL_ERROR); -

775

goto err;

never executed: goto err;

776 } -

777 wpinited = 1; -

778

} else {

executed 350 times by 1 test: end of block

Executed by:

libssl.so.1.1

350

779

for (j = 0; j < numpipes; j++) {

j < numpipes	Description
TRUE	evaluated 40351 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40351 times by 1 test Evaluated by: libssl.so.1.1

40351

780 thispkt = &pkt[j]; -

781 -

782 wb = &s->rlayer.wbuf[j]; -

783 #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD != 0 -

784 align = (size_t)SSL3_BUFFER_get_buf(wb) + SSL3_RT_HEADER_LENGTH; -

785 align = SSL3_ALIGN_PAYLOAD - 1 - ((align - 1) % SSL3_ALIGN_PAYLOAD); -

786 #endif -

787 SSL3_BUFFER_set_offset(wb, align); -

788

if (!WPACKET_init_static_len(thispkt, SSL3_BUFFER_get_buf(wb),

!WPACKET_init_...(wb)->len), 0)	Description
TRUE	never evaluated
FALSE	evaluated 40351 times by 1 test Evaluated by: libssl.so.1.1

0-40351

789

SSL3_BUFFER_get_len(wb), 0)

!WPACKET_init_...(wb)->len), 0)	Description
TRUE	never evaluated
FALSE	evaluated 40351 times by 1 test Evaluated by: libssl.so.1.1

0-40351

790

|| !WPACKET_allocate_bytes(thispkt, align, NULL)) {

!WPACKET_alloc... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 40351 times by 1 test Evaluated by: libssl.so.1.1

0-40351

791 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

792 ERR_R_INTERNAL_ERROR); -

793

goto err;

never executed: goto err;

794 } -

795 wpinited++; -

796

}

executed 40351 times by 1 test: end of block

Executed by:

libssl.so.1.1

40351

797

}

executed 40351 times by 1 test: end of block

Executed by:

libssl.so.1.1

40351

798 -

799 /* Explicit IV length, block ciphers appropriate version flag */ -

800

if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s) && !SSL_TREAT_AS_TLS13(s)) {

s->enc_write_ctx	Description
TRUE	evaluated 20220 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 20831 times by 1 test Evaluated by: libssl.so.1.1

(s->method->ss...c_flags & 0x1)	Description
TRUE	evaluated 6322 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 13898 times by 1 test Evaluated by: libssl.so.1.1

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 6322 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->method->version >= 0x0304	Description
TRUE	evaluated 46 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 6276 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	never evaluated
FALSE	evaluated 46 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat...ATA_CONNECTING	Description
TRUE	never evaluated
FALSE	evaluated 6322 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat..._CONNECT_RETRY	Description
TRUE	never evaluated
FALSE	evaluated 6322 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat...Y_DATA_WRITING	Description
TRUE	evaluated 46 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 6276 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat...TA_WRITE_RETRY	Description
TRUE	never evaluated
FALSE	evaluated 6276 times by 1 test Evaluated by: libssl.so.1.1

(s)->hello_ret...SL_HRR_PENDING	Description
TRUE	never evaluated
FALSE	evaluated 6276 times by 1 test Evaluated by: libssl.so.1.1

0-20831

801 int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx); -

802

if (mode == EVP_CIPH_CBC_MODE) {

mode == 0x2	Description
TRUE	evaluated 3898 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2378 times by 1 test Evaluated by: libssl.so.1.1

2378-3898

803 /* TODO(size_t): Convert me */ -

804 eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx); -

805

if (eivlen <= 1)

eivlen <= 1	Description
TRUE	never evaluated
FALSE	evaluated 3898 times by 1 test Evaluated by: libssl.so.1.1

0-3898

806

eivlen = 0;

never executed: eivlen = 0;

807

} else if (mode == EVP_CIPH_GCM_MODE) {

executed 3898 times by 1 test: end of block

Executed by:

libssl.so.1.1

mode == 0x6	Description
TRUE	evaluated 2198 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 180 times by 1 test Evaluated by: libssl.so.1.1

180-3898

808 /* Need explicit part of IV for GCM mode */ -

809 eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN; -

810

} else if (mode == EVP_CIPH_CCM_MODE) {

executed 2198 times by 1 test: end of block

Executed by:

libssl.so.1.1

mode == 0x7	Description
TRUE	evaluated 115 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 65 times by 1 test Evaluated by: libssl.so.1.1

65-2198

811 eivlen = EVP_CCM_TLS_EXPLICIT_IV_LEN; -

812

}

executed 115 times by 1 test: end of block

Executed by:

libssl.so.1.1

115

813

}

executed 6276 times by 1 test: end of block

Executed by:

libssl.so.1.1

6276

814 -

815 totlen = 0; -

816 /* Clear our SSL3_RECORD structures */ -

817 memset(wr, 0, sizeof(wr)); -

818

for (j = 0; j < numpipes; j++) {

j < numpipes	Description
TRUE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

41051

819

unsigned int version = (s->version == TLS1_3_VERSION) ? TLS1_2_VERSION

(s->version == 0x0304)	Description
TRUE	evaluated 20311 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 20740 times by 1 test Evaluated by: libssl.so.1.1

20311-20740

820 : s->version; -

821 unsigned char *compressdata = NULL; -

822 size_t maxcomplen; -

823 unsigned int rectype; -

824 -

825 thispkt = &pkt[j]; -

826 thiswr = &wr[j]; -

827 -

828 /* -

829 * In TLSv1.3, once encrypting, we always use application data for the -

830 * record type -

831 */ -

832

if (SSL_TREAT_AS_TLS13(s)

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->method->version >= 0x0304	Description
TRUE	evaluated 21674 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 19377 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 15022 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 6652 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat...ATA_CONNECTING	Description
TRUE	evaluated 101 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 25928 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat..._CONNECT_RETRY	Description
TRUE	never evaluated
FALSE	evaluated 25928 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat...Y_DATA_WRITING	Description
TRUE	evaluated 46 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 25882 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat...TA_WRITE_RETRY	Description
TRUE	never evaluated
FALSE	evaluated 25882 times by 1 test Evaluated by: libssl.so.1.1

(s)->hello_ret...SL_HRR_PENDING	Description
TRUE	evaluated 1436 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 24446 times by 1 test Evaluated by: libssl.so.1.1

0-41051

833

&& s->enc_write_ctx != NULL

s->enc_write_c...!= ((void *)0)	Description
TRUE	evaluated 12393 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 4212 times by 1 test Evaluated by: libssl.so.1.1

4212-12393

834

&& (s->statem.enc_write_state != ENC_WRITE_STATE_WRITE_PLAIN_ALERTS

s->statem.enc_...E_PLAIN_ALERTS	Description
TRUE	evaluated 12347 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 46 times by 1 test Evaluated by: libssl.so.1.1

46-12347

835

|| type != SSL3_RT_ALERT))

type != 21	Description
TRUE	evaluated 46 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-46

836

rectype = SSL3_RT_APPLICATION_DATA;

executed 12393 times by 1 test: rectype = 23;

Executed by:

libssl.so.1.1

12393

837 else -

838

rectype = type;

executed 28658 times by 1 test: rectype = type;

Executed by:

libssl.so.1.1

28658

839 SSL3_RECORD_set_type(thiswr, rectype); -

840 -

841 /* -

842 * Some servers hang if initial client hello is larger than 256 bytes -

843 * and record version number > TLS 1.0 -

844 */ -

845

if (SSL_get_state(s) == TLS_ST_CW_CLNT_HELLO

SSL_get_state(..._CW_CLNT_HELLO	Description
TRUE	evaluated 4853 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 36198 times by 1 test Evaluated by: libssl.so.1.1

4853-36198

846

&& !s->renegotiate

!s->renegotiate	Description
TRUE	evaluated 4832 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1

21-4832

847

&& TLS1_get_version(s) > TLS1_VERSION

(SSL_version(s) >> 8) == 0x03	Description
TRUE	evaluated 4832 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

((SSL_version(... : 0) > 0x0301	Description
TRUE	evaluated 4671 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 161 times by 1 test Evaluated by: libssl.so.1.1

0-4832

848

&& s->hello_retry_request == SSL_HRR_NONE)

s->hello_retry...= SSL_HRR_NONE	Description
TRUE	evaluated 3986 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 685 times by 1 test Evaluated by: libssl.so.1.1

685-3986

849

version = TLS1_VERSION;

executed 3986 times by 1 test: version = 0x0301;

Executed by:

libssl.so.1.1

3986

850 SSL3_RECORD_set_rec_version(thiswr, version); -

851 -

852 maxcomplen = pipelens[j]; -

853

if (s->compress != NULL)

s->compress != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

854

maxcomplen += SSL3_RT_MAX_COMPRESSED_OVERHEAD;

never executed: maxcomplen += 1024;

855 -

856 /* write the header */ -

857

if (!WPACKET_put_bytes_u8(thispkt, rectype)

!WPACKET_put_b... (rectype), 1)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

858

|| !WPACKET_put_bytes_u16(thispkt, version)

!WPACKET_put_b... (version), 2)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

859

|| !WPACKET_start_sub_packet_u16(thispkt)

!WPACKET_start...((thispkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

860

|| (eivlen > 0

eivlen > 0	Description
TRUE	evaluated 6211 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 34840 times by 1 test Evaluated by: libssl.so.1.1

6211-34840

861

&& !WPACKET_allocate_bytes(thispkt, eivlen, NULL))

!WPACKET_alloc... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 6211 times by 1 test Evaluated by: libssl.so.1.1

0-6211

862

|| (maxcomplen > 0

maxcomplen > 0	Description
TRUE	evaluated 40701 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

350-40701

863

&& !WPACKET_reserve_bytes(thispkt, maxcomplen,

!WPACKET_reser...&compressdata)	Description
TRUE	never evaluated
FALSE	evaluated 40701 times by 1 test Evaluated by: libssl.so.1.1

0-40701

864

&compressdata))) {

!WPACKET_reser...&compressdata)	Description
TRUE	never evaluated
FALSE	evaluated 40701 times by 1 test Evaluated by: libssl.so.1.1

0-40701

865 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

866 ERR_R_INTERNAL_ERROR); -

867

goto err;

never executed: goto err;

868 } -

869 -

870 /* lets setup the record stuff. */ -

871 SSL3_RECORD_set_data(thiswr, compressdata); -

872 SSL3_RECORD_set_length(thiswr, pipelens[j]); -

873 SSL3_RECORD_set_input(thiswr, (unsigned char *)&buf[totlen]); -

874 totlen += pipelens[j]; -

875 -

876 /* -

877 * we now 'read' from thiswr->input, thiswr->length bytes into -

878 * thiswr->data -

879 */ -

880 -

881 /* first we compress */ -

882

if (s->compress != NULL) {

s->compress != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

883

if (!ssl3_do_compress(s, thiswr)

!ssl3_do_compress(s, thiswr)	Description
TRUE	never evaluated
FALSE	never evaluated

884

|| !WPACKET_allocate_bytes(thispkt, thiswr->length, NULL)) {

!WPACKET_alloc... ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

885 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

886 SSL_R_COMPRESSION_FAILURE); -

887

goto err;

never executed: goto err;

888 } -

889

} else {

never executed: end of block

890

if (!WPACKET_memcpy(thispkt, thiswr->input, thiswr->length)) {

!WPACKET_memcp...hiswr->length)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

891 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

892 ERR_R_INTERNAL_ERROR); -

893

goto err;

never executed: goto err;

894 } -

895 SSL3_RECORD_reset_input(&wr[j]); -

896

}

executed 41051 times by 1 test: end of block

Executed by:

libssl.so.1.1

41051

897 -

898

if (SSL_TREAT_AS_TLS13(s)

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->method->version >= 0x0304	Description
TRUE	evaluated 21674 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 19377 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 15022 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 6652 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat...ATA_CONNECTING	Description
TRUE	evaluated 101 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 25928 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat..._CONNECT_RETRY	Description
TRUE	never evaluated
FALSE	evaluated 25928 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat...Y_DATA_WRITING	Description
TRUE	evaluated 46 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 25882 times by 1 test Evaluated by: libssl.so.1.1

(s)->early_dat...TA_WRITE_RETRY	Description
TRUE	never evaluated
FALSE	evaluated 25882 times by 1 test Evaluated by: libssl.so.1.1

(s)->hello_ret...SL_HRR_PENDING	Description
TRUE	evaluated 1436 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 24446 times by 1 test Evaluated by: libssl.so.1.1

0-41051

899

&& s->enc_write_ctx != NULL

s->enc_write_c...!= ((void *)0)	Description
TRUE	evaluated 12393 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 4212 times by 1 test Evaluated by: libssl.so.1.1

4212-12393

900

&& (s->statem.enc_write_state != ENC_WRITE_STATE_WRITE_PLAIN_ALERTS

s->statem.enc_...E_PLAIN_ALERTS	Description
TRUE	evaluated 12347 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 46 times by 1 test Evaluated by: libssl.so.1.1

46-12347

901

|| type != SSL3_RT_ALERT)) {

type != 21	Description
TRUE	evaluated 46 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-46

902 size_t rlen, max_send_fragment; -

903 -

904

if (!WPACKET_put_bytes_u8(thispkt, type)) {

!WPACKET_put_b...t), (type), 1)	Description
TRUE	never evaluated
FALSE	evaluated 12393 times by 1 test Evaluated by: libssl.so.1.1

0-12393

905 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

906 ERR_R_INTERNAL_ERROR); -

907

goto err;

never executed: goto err;

908 } -

909 SSL3_RECORD_add_length(thiswr, 1); -

910 -

911 /* Add TLS1.3 padding */ -

912 max_send_fragment = ssl_get_max_send_fragment(s); -

913 rlen = SSL3_RECORD_get_length(thiswr); -

914

if (rlen < max_send_fragment) {

rlen < max_send_fragment	Description
TRUE	evaluated 6748 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 5645 times by 1 test Evaluated by: libssl.so.1.1

5645-6748

915 size_t padding = 0; -

916 size_t max_padding = max_send_fragment - rlen; -

917

if (s->record_padding_cb != NULL) {

s->record_padd...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 6748 times by 1 test Evaluated by: libssl.so.1.1

0-6748

918 padding = s->record_padding_cb(s, type, rlen, s->record_padding_arg); -

919

} else if (s->block_padding > 0) {

never executed: end of block

s->block_padding > 0	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 6737 times by 1 test Evaluated by: libssl.so.1.1

0-6737

920 size_t mask = s->block_padding - 1; -

921 size_t remainder; -

922 -

923 /* optimize for power of 2 */ -

924

if ((s->block_padding & mask) == 0)

(s->block_padding & mask) == 0	Description
TRUE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

3-8

925

remainder = rlen & mask;

executed 8 times by 1 test: remainder = rlen & mask;

Executed by:

libssl.so.1.1

926 else -

927

remainder = rlen % s->block_padding;

executed 3 times by 1 test: remainder = rlen % s->block_padding;

Executed by:

libssl.so.1.1

928 /* don't want to add a block of padding if we don't have to */ -

929

if (remainder == 0)

remainder == 0	Description
TRUE	never evaluated
FALSE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1

0-11

930

padding = 0;

never executed: padding = 0;

931 else -

932

padding = s->block_padding - remainder;

executed 11 times by 1 test: padding = s->block_padding - remainder;

Executed by:

libssl.so.1.1

933 } -

934

if (padding > 0) {

padding > 0	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 6737 times by 1 test Evaluated by: libssl.so.1.1

11-6737

935 /* do not allow the record to exceed max plaintext length */ -

936

if (padding > max_padding)

padding > max_padding	Description
TRUE	never evaluated
FALSE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1

0-11

937

padding = max_padding;

never executed: padding = max_padding;

938

if (!WPACKET_memset(thispkt, 0, padding)) {

!WPACKET_memse...t, 0, padding)	Description
TRUE	never evaluated
FALSE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1

0-11

939 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

940 ERR_R_INTERNAL_ERROR); -

941

goto err;

never executed: goto err;

942 } -

943 SSL3_RECORD_add_length(thiswr, padding); -

944

}

executed 11 times by 1 test: end of block

Executed by:

libssl.so.1.1

945

}

executed 6748 times by 1 test: end of block

Executed by:

libssl.so.1.1

6748

946

}

executed 12393 times by 1 test: end of block

Executed by:

libssl.so.1.1

12393

947 -

948 /* -

949 * we should still have the output to thiswr->data and the input from -

950 * wr->input. Length should be thiswr->length. thiswr->data still points -

951 * in the wb->buf -

952 */ -

953 -

954

if (!SSL_WRITE_ETM(s) && mac_size != 0) {

!(s->s3->flags & 0x0400)	Description
TRUE	evaluated 36026 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 5025 times by 1 test Evaluated by: libssl.so.1.1

mac_size != 0	Description
TRUE	evaluated 457 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 35569 times by 1 test Evaluated by: libssl.so.1.1

457-36026

955 unsigned char *mac; -

956 -

957

if (!WPACKET_allocate_bytes(thispkt, mac_size, &mac)

!WPACKET_alloc...ac_size, &mac)	Description
TRUE	never evaluated
FALSE	evaluated 457 times by 1 test Evaluated by: libssl.so.1.1

0-457

958

|| !s->method->ssl3_enc->mac(s, thiswr, mac, 1)) {

!s->method->ss...hiswr, mac, 1)	Description
TRUE	never evaluated
FALSE	evaluated 457 times by 1 test Evaluated by: libssl.so.1.1

0-457

959 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

960 ERR_R_INTERNAL_ERROR); -

961

goto err;

never executed: goto err;

962 } -

963

}

executed 457 times by 1 test: end of block

Executed by:

libssl.so.1.1

457

964 -

965 /* -

966 * Reserve some bytes for any growth that may occur during encryption. -

967 * This will be at most one cipher block or the tag length if using -

968 * AEAD. SSL_RT_MAX_CIPHER_BLOCK_SIZE covers either case. -

969 */ -

970

if (!WPACKET_reserve_bytes(thispkt, SSL_RT_MAX_CIPHER_BLOCK_SIZE,

!WPACKET_reser... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

971

NULL)

!WPACKET_reser... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

972 /* -

973 * We also need next the amount of bytes written to this -

974 * sub-packet -

975 */ -

976

|| !WPACKET_get_length(thispkt, &len)) {

!WPACKET_get_l...thispkt, &len)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

977 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

978 ERR_R_INTERNAL_ERROR); -

979

goto err;

never executed: goto err;

980 } -

981 -

982 /* Get a pointer to the start of this record excluding header */ -

983 recordstart = WPACKET_get_curr(thispkt) - len; -

984 -

985 SSL3_RECORD_set_data(thiswr, recordstart); -

986 SSL3_RECORD_reset_input(thiswr); -

987 SSL3_RECORD_set_length(thiswr, len); -

988

}

executed 41051 times by 1 test: end of block

Executed by:

libssl.so.1.1

41051

989 -

990

if (s->statem.enc_write_state == ENC_WRITE_STATE_WRITE_PLAIN_ALERTS) {

s->statem.enc_...E_PLAIN_ALERTS	Description
TRUE	evaluated 55 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40996 times by 1 test Evaluated by: libssl.so.1.1

55-40996

991 /* -

992 * We haven't actually negotiated the version yet, but we're trying to -

993 * send early data - so we need to use the tls13enc function. -

994 */ -

995

if (tls13_enc(s, wr, numpipes, 1) < 1) {

tls13_enc(s, w...mpipes, 1) < 1	Description
TRUE	never evaluated
FALSE	evaluated 55 times by 1 test Evaluated by: libssl.so.1.1

0-55

996

if (!ossl_statem_in_error(s)) {

!ossl_statem_in_error(s)	Description
TRUE	never evaluated
FALSE	never evaluated

997 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

998 ERR_R_INTERNAL_ERROR); -

999

}

never executed: end of block

1000

goto err;

never executed: goto err;

1001 } -

1002

} else {

executed 55 times by 1 test: end of block

Executed by:

libssl.so.1.1

1003

if (s->method->ssl3_enc->enc(s, wr, numpipes, 1) < 1) {

s->method->ssl...mpipes, 1) < 1	Description
TRUE	never evaluated
FALSE	evaluated 40996 times by 1 test Evaluated by: libssl.so.1.1

0-40996

1004

if (!ossl_statem_in_error(s)) {

!ossl_statem_in_error(s)	Description
TRUE	never evaluated
FALSE	never evaluated

1005 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

1006 ERR_R_INTERNAL_ERROR); -

1007

}

never executed: end of block

1008

goto err;

never executed: goto err;

1009 } -

1010

}

executed 40996 times by 1 test: end of block

Executed by:

libssl.so.1.1

40996

1011 -

1012

for (j = 0; j < numpipes; j++) {

j < numpipes	Description
TRUE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40701 times by 1 test Evaluated by: libssl.so.1.1

40701-41051

1013 size_t origlen; -

1014 -

1015 thispkt = &pkt[j]; -

1016 thiswr = &wr[j]; -

1017 -

1018 /* Allocate bytes for the encryption overhead */ -

1019

if (!WPACKET_get_length(thispkt, &origlen)

!WPACKET_get_l...pkt, &origlen)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

1020 /* Encryption should never shrink the data! */ -

1021

|| origlen > thiswr->length

origlen > thiswr->length	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

1022

|| (thiswr->length > origlen

thiswr->length > origlen	Description
TRUE	evaluated 20171 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 20880 times by 1 test Evaluated by: libssl.so.1.1

20171-20880

1023

&& !WPACKET_allocate_bytes(thispkt,

!WPACKET_alloc... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 20171 times by 1 test Evaluated by: libssl.so.1.1

0-20171

1024

thiswr->length - origlen, NULL))) {

!WPACKET_alloc... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 20171 times by 1 test Evaluated by: libssl.so.1.1

0-20171

1025 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

1026 ERR_R_INTERNAL_ERROR); -

1027

goto err;

never executed: goto err;

1028 } -

1029

if (SSL_WRITE_ETM(s) && mac_size != 0) {

(s->s3->flags & 0x0400)	Description
TRUE	evaluated 5025 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 36026 times by 1 test Evaluated by: libssl.so.1.1

mac_size != 0	Description
TRUE	evaluated 5025 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-36026

1030 unsigned char *mac; -

1031 -

1032

if (!WPACKET_allocate_bytes(thispkt, mac_size, &mac)

!WPACKET_alloc...ac_size, &mac)	Description
TRUE	never evaluated
FALSE	evaluated 5025 times by 1 test Evaluated by: libssl.so.1.1

0-5025

1033

|| !s->method->ssl3_enc->mac(s, thiswr, mac, 1)) {

!s->method->ss...hiswr, mac, 1)	Description
TRUE	never evaluated
FALSE	evaluated 5025 times by 1 test Evaluated by: libssl.so.1.1

0-5025

1034 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

1035 ERR_R_INTERNAL_ERROR); -

1036

goto err;

never executed: goto err;

1037 } -

1038 SSL3_RECORD_add_length(thiswr, mac_size); -

1039

}

executed 5025 times by 1 test: end of block

Executed by:

libssl.so.1.1

5025

1040 -

1041

if (!WPACKET_get_length(thispkt, &len)

!WPACKET_get_l...thispkt, &len)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

1042

|| !WPACKET_close(thispkt)) {

!WPACKET_close(thispkt)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

1043 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

1044 ERR_R_INTERNAL_ERROR); -

1045

goto err;

never executed: goto err;

1046 } -

1047 -

1048

if (s->msg_callback) {

s->msg_callback	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

1049 recordstart = WPACKET_get_curr(thispkt) - len -

1050 - SSL3_RT_HEADER_LENGTH; -

1051 s->msg_callback(1, 0, SSL3_RT_HEADER, recordstart, -

1052 SSL3_RT_HEADER_LENGTH, s, -

1053 s->msg_callback_arg); -

1054 -

1055

if (SSL_TREAT_AS_TLS13(s) && s->enc_write_ctx != NULL) {

!(s->method->s...c_flags & 0x8)	Description
TRUE	never evaluated
FALSE	never evaluated

(s)->method->version >= 0x0304	Description
TRUE	never evaluated
FALSE	never evaluated

(s)->method->v...ion != 0x10000	Description
TRUE	never evaluated
FALSE	never evaluated

(s)->early_dat...ATA_CONNECTING	Description
TRUE	never evaluated
FALSE	never evaluated

(s)->early_dat..._CONNECT_RETRY	Description
TRUE	never evaluated
FALSE	never evaluated

(s)->early_dat...Y_DATA_WRITING	Description
TRUE	never evaluated
FALSE	never evaluated

(s)->early_dat...TA_WRITE_RETRY	Description
TRUE	never evaluated
FALSE	never evaluated

(s)->hello_ret...SL_HRR_PENDING	Description
TRUE	never evaluated
FALSE	never evaluated

s->enc_write_c...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1056 unsigned char ctype = type; -

1057 -

1058 s->msg_callback(1, s->version, SSL3_RT_INNER_CONTENT_TYPE, -

1059 &ctype, 1, s, s->msg_callback_arg); -

1060

}

never executed: end of block

1061

}

never executed: end of block

1062 -

1063

if (!WPACKET_finish(thispkt)) {

!WPACKET_finish(thispkt)	Description
TRUE	never evaluated
FALSE	evaluated 41051 times by 1 test Evaluated by: libssl.so.1.1

0-41051

1064 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

1065 ERR_R_INTERNAL_ERROR); -

1066

goto err;

never executed: goto err;

1067 } -

1068 -

1069 /* -

1070 * we should now have thiswr->data pointing to the encrypted data, which -

1071 * is thiswr->length long -

1072 */ -

1073 SSL3_RECORD_set_type(thiswr, type); /* not needed but helps for -

1074 * debugging */ -

1075 SSL3_RECORD_add_length(thiswr, SSL3_RT_HEADER_LENGTH); -

1076 -

1077

if (create_empty_fragment) {

create_empty_fragment	Description
TRUE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40701 times by 1 test Evaluated by: libssl.so.1.1

350-40701

1078 /* -

1079 * we are in a recursive call; just return the length, don't write -

1080 * out anything here -

1081 */ -

1082

if (j > 0) {

j > 0	Description
TRUE	never evaluated
FALSE	evaluated 350 times by 1 test Evaluated by: libssl.so.1.1

0-350

1083 /* We should never be pipelining an empty fragment!! */ -

1084 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE, -

1085 ERR_R_INTERNAL_ERROR); -

1086

goto err;

never executed: goto err;

1087 } -

1088 *written = SSL3_RECORD_get_length(thiswr); -

1089

return 1;

executed 350 times by 1 test: return 1;

Executed by:

libssl.so.1.1

350

1090 } -

1091 -

1092 /* now let's set up wb */ -

1093 SSL3_BUFFER_set_left(&s->rlayer.wbuf[j], -

1094 prefix_len + SSL3_RECORD_get_length(thiswr)); -

1095

}

executed 40701 times by 1 test: end of block

Executed by:

libssl.so.1.1

40701

1096 -

1097 /* -

1098 * memorize arguments so that ssl3_write_pending can detect bad write -

1099 * retries later -

1100 */ -

1101 s->rlayer.wpend_tot = totlen; -

1102 s->rlayer.wpend_buf = buf; -

1103 s->rlayer.wpend_type = type; -

1104 s->rlayer.wpend_ret = totlen; -

1105 -

1106 /* we now just need to write the buffer */ -

1107

return ssl3_write_pending(s, type, buf, totlen, written);

executed 40701 times by 1 test: return ssl3_write_pending(s, type, buf, totlen, written);

Executed by:

libssl.so.1.1

40701

1108 err: -

1109

for (j = 0; j < wpinited; j++)

j < wpinited	Description
TRUE	never evaluated
FALSE	never evaluated

1110

WPACKET_cleanup(&pkt[j]);

never executed: WPACKET_cleanup(&pkt[j]);

1111

return -1;

never executed: return -1;

1112 } -

1113 -

1114 /* if s->s3->wbuf.left != 0, we need to call this -

1115 * -

1116 * Return values are as per SSL_write() -

1117 */ -

1118 int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, size_t len, -

1119 size_t *written) -

1120 { -

1121 int i; -

1122 SSL3_BUFFER *wb = s->rlayer.wbuf; -

1123 size_t currbuf = 0; -

1124 size_t tmpwrit = 0; -

1125 -

1126

if ((s->rlayer.wpend_tot > len)

(s->rlayer.wpend_tot > len)	Description
TRUE	never evaluated
FALSE	evaluated 45492 times by 1 test Evaluated by: libssl.so.1.1

0-45492

1127

|| (!(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)

!(s->mode & 0x00000002U)	Description
TRUE	evaluated 45492 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-45492

1128

&& (s->rlayer.wpend_buf != buf))

(s->rlayer.wpend_buf != buf)	Description
TRUE	never evaluated
FALSE	evaluated 45492 times by 1 test Evaluated by: libssl.so.1.1

0-45492

1129

|| (s->rlayer.wpend_type != type)) {

(s->rlayer.wpend_type != type)	Description
TRUE	never evaluated
FALSE	evaluated 45492 times by 1 test Evaluated by: libssl.so.1.1

0-45492

1130 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_WRITE_PENDING, -

1131 SSL_R_BAD_WRITE_RETRY); -

1132

return -1;

never executed: return -1;

1133 } -

1134 -

1135 for (;;) { -

1136 /* Loop until we find a buffer we haven't written out yet */ -

1137

if (SSL3_BUFFER_get_left(&wb[currbuf]) == 0

((&wb[currbuf])->left) == 0	Description
TRUE	never evaluated
FALSE	evaluated 45902 times by 1 test Evaluated by: libssl.so.1.1

0-45902

1138

&& currbuf < s->rlayer.numwpipes - 1) {

currbuf < s->r....numwpipes - 1	Description
TRUE	never evaluated
FALSE	never evaluated

1139 currbuf++; -

1140

continue;

never executed: continue;

1141 } -

1142 clear_sys_error(); -

1143

if (s->wbio != NULL) {

s->wbio != ((void *)0)	Description
TRUE	evaluated 45902 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-45902

1144 s->rwstate = SSL_WRITING; -

1145 /* TODO(size_t): Convert this call */ -

1146 i = BIO_write(s->wbio, (char *) -

1147 &(SSL3_BUFFER_get_buf(&wb[currbuf]) -

1148 [SSL3_BUFFER_get_offset(&wb[currbuf])]), -

1149 (unsigned int)SSL3_BUFFER_get_left(&wb[currbuf])); -

1150

if (i >= 0)

i >= 0	Description
TRUE	evaluated 45373 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 529 times by 1 test Evaluated by: libssl.so.1.1

529-45373

1151

tmpwrit = i;

executed 45373 times by 1 test: tmpwrit = i;

Executed by:

libssl.so.1.1

45373

1152

} else {

executed 45902 times by 1 test: end of block

Executed by:

libssl.so.1.1

45902

1153 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_WRITE_PENDING, -

1154 SSL_R_BIO_NOT_SET); -

1155 i = -1; -

1156

}

never executed: end of block

1157

if (i > 0 && tmpwrit == SSL3_BUFFER_get_left(&wb[currbuf])) {

i > 0	Description
TRUE	evaluated 45369 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 533 times by 1 test Evaluated by: libssl.so.1.1

tmpwrit == ((&...rrbuf])->left)	Description
TRUE	evaluated 44959 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 410 times by 1 test Evaluated by: libssl.so.1.1

410-45369

1158 SSL3_BUFFER_set_left(&wb[currbuf], 0); -

1159 SSL3_BUFFER_add_offset(&wb[currbuf], tmpwrit); -

1160

if (currbuf + 1 < s->rlayer.numwpipes)

currbuf + 1 < ...ayer.numwpipes	Description
TRUE	never evaluated
FALSE	evaluated 44959 times by 1 test Evaluated by: libssl.so.1.1

0-44959

1161

continue;

never executed: continue;

1162 s->rwstate = SSL_NOTHING; -

1163 *written = s->rlayer.wpend_ret; -

1164

return 1;

executed 44959 times by 1 test: return 1;

Executed by:

libssl.so.1.1

44959

1165

} else if (i <= 0) {

i <= 0	Description
TRUE	evaluated 533 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 410 times by 1 test Evaluated by: libssl.so.1.1

410-533

1166

if (SSL_IS_DTLS(s)) {

(s->method->ss...c_flags & 0x8)	Description
TRUE	never evaluated
FALSE	evaluated 533 times by 1 test Evaluated by: libssl.so.1.1

0-533

1167 /* -

1168 * For DTLS, just drop it. That's kind of the whole point in -

1169 * using a datagram service -

1170 */ -

1171 SSL3_BUFFER_set_left(&wb[currbuf], 0); -

1172

}

never executed: end of block

1173

return i;

executed 533 times by 1 test: return i;

Executed by:

libssl.so.1.1

533

1174 } -

1175 SSL3_BUFFER_add_offset(&wb[currbuf], tmpwrit); -

1176 SSL3_BUFFER_sub_left(&wb[currbuf], tmpwrit); -

1177

}

executed 410 times by 1 test: end of block

Executed by:

libssl.so.1.1

410

1178

}

never executed: end of block

1179 -

1180 /*- -

1181 * Return up to 'len' payload bytes received in 'type' records. -

1182 * 'type' is one of the following: -

1183 * -

1184 * - SSL3_RT_HANDSHAKE (when ssl3_get_message calls us) -

1185 * - SSL3_RT_APPLICATION_DATA (when ssl3_read calls us) -

1186 * - 0 (during a shutdown, no data has to be returned) -

1187 * -

1188 * If we don't have stored data to work from, read a SSL/TLS record first -

1189 * (possibly multiple records if we still don't have anything to return). -

1190 * -

1191 * This function must handle any surprises the peer may have for us, such as -

1192 * Alert records (e.g. close_notify) or renegotiation requests. ChangeCipherSpec -

1193 * messages are treated as if they were handshake messages *if* the |recd_type| -

1194 * argument is non NULL. -

1195 * Also if record payloads contain fragments too small to process, we store -

1196 * them until there is enough for the respective protocol (the record protocol -

1197 * may use arbitrary fragmentation and even interleaving): -

1198 * Change cipher spec protocol -

1199 * just 1 byte needed, no need for keeping anything stored -

1200 * Alert protocol -

1201 * 2 bytes needed (AlertLevel, AlertDescription) -

1202 * Handshake protocol -

1203 * 4 bytes needed (HandshakeType, uint24 length) -- we just have -

1204 * to detect unexpected Client Hello and Hello Request messages -

1205 * here, anything else is handled by higher layers -

1206 * Application data protocol -

1207 * none of our business -

1208 */ -

1209 int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, -

1210 size_t len, int peek, size_t *readbytes) -

1211 { -

1212 int i, j, ret; -

1213 size_t n, curr_rec, num_recs, totalbytes; -

1214 SSL3_RECORD *rr; -

1215 SSL3_BUFFER *rbuf; -

1216 void (*cb) (const SSL *ssl, int type2, int val) = NULL; -

1217

int is_tls13 = SSL_IS_TLS13(s);

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 90401 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->method->version >= 0x0304	Description
TRUE	evaluated 59012 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 31389 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 31157 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 27855 times by 1 test Evaluated by: libssl.so.1.1

0-90401

1218 -

1219 rbuf = &s->rlayer.rbuf; -

1220 -

1221

if (!SSL3_BUFFER_is_initialised(rbuf)) {

!((rbuf)->buf != ((void *)0) )	Description
TRUE	evaluated 106 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 90295 times by 1 test Evaluated by: libssl.so.1.1

106-90295

1222 /* Not initialized yet */ -

1223

if (!ssl3_setup_read_buffer(s)) {

!ssl3_setup_read_buffer(s)	Description
TRUE	never evaluated
FALSE	evaluated 106 times by 1 test Evaluated by: libssl.so.1.1

0-106

1224 /* SSLfatal() already called */ -

1225

return -1;

never executed: return -1;

1226 } -

1227

}

executed 106 times by 1 test: end of block

Executed by:

libssl.so.1.1

106

1228 -

1229

if ((type && (type != SSL3_RT_APPLICATION_DATA)

type	Description
TRUE	evaluated 88722 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1679 times by 1 test Evaluated by: libssl.so.1.1

(type != 23)	Description
TRUE	evaluated 67689 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 21033 times by 1 test Evaluated by: libssl.so.1.1

1679-88722

1230

&& (type != SSL3_RT_HANDSHAKE)) || (peek

(type != 22)	Description
TRUE	never evaluated
FALSE	evaluated 67689 times by 1 test Evaluated by: libssl.so.1.1

peek	Description
TRUE	never evaluated
FALSE	evaluated 90401 times by 1 test Evaluated by: libssl.so.1.1

0-90401

1231

&& (type !=

(type != 23)	Description
TRUE	never evaluated
FALSE	never evaluated

1232

SSL3_RT_APPLICATION_DATA))) {

(type != 23)	Description
TRUE	never evaluated
FALSE	never evaluated

1233 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_BYTES, -

1234 ERR_R_INTERNAL_ERROR); -

1235

return -1;

never executed: return -1;

1236 } -

1237 -

1238

if ((type == SSL3_RT_HANDSHAKE) && (s->rlayer.handshake_fragment_len > 0))

(type == 22)	Description
TRUE	evaluated 67689 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 22712 times by 1 test Evaluated by: libssl.so.1.1

(s->rlayer.han...gment_len > 0)	Description
TRUE	evaluated 1034 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 66655 times by 1 test Evaluated by: libssl.so.1.1

1034-67689

1239 /* (partially) satisfy request from storage */ -

1240 { -

1241 unsigned char *src = s->rlayer.handshake_fragment; -

1242 unsigned char *dst = buf; -

1243 unsigned int k; -

1244 -

1245 /* peek == 0 */ -

1246 n = 0; -

1247

while ((len > 0) && (s->rlayer.handshake_fragment_len > 0)) {

(len > 0)	Description
TRUE	evaluated 4136 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1034 times by 1 test Evaluated by: libssl.so.1.1

(s->rlayer.han...gment_len > 0)	Description
TRUE	evaluated 4136 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-4136

1248 *dst++ = *src++; -

1249 len--; -

1250 s->rlayer.handshake_fragment_len--; -

1251 n++; -

1252

}

executed 4136 times by 1 test: end of block

Executed by:

libssl.so.1.1

4136

1253 /* move any remaining fragment bytes: */ -

1254

for (k = 0; k < s->rlayer.handshake_fragment_len; k++)

k < s->rlayer....e_fragment_len	Description
TRUE	never evaluated
FALSE	evaluated 1034 times by 1 test Evaluated by: libssl.so.1.1

0-1034

1255

s->rlayer.handshake_fragment[k] = *src++;

never executed: s->rlayer.handshake_fragment[k] = *src++;

1256 -

1257

if (recvd_type != NULL)

recvd_type != ((void *)0)	Description
TRUE	evaluated 1034 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1034

1258

*recvd_type = SSL3_RT_HANDSHAKE;

executed 1034 times by 1 test: *recvd_type = 22;

Executed by:

libssl.so.1.1

1034

1259 -

1260 *readbytes = n; -

1261

return 1;

executed 1034 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1034

1262 } -

1263 -

1264 /* -

1265 * Now s->rlayer.handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. -

1266 */ -

1267 -

1268

if (!ossl_statem_get_in_handshake(s) && SSL_in_init(s)) {

!ossl_statem_g...n_handshake(s)	Description
TRUE	evaluated 22712 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 66655 times by 1 test Evaluated by: libssl.so.1.1

SSL_in_init(s)	Description
TRUE	evaluated 2111 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 20601 times by 1 test Evaluated by: libssl.so.1.1

2111-66655

1269 /* type == SSL3_RT_APPLICATION_DATA */ -

1270 i = s->handshake_func(s); -

1271 /* SSLfatal() already called */ -

1272

if (i < 0)

i < 0	Description
TRUE	evaluated 1998 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 113 times by 1 test Evaluated by: libssl.so.1.1

113-1998

1273

return i;

executed 1998 times by 1 test: return i;

Executed by:

libssl.so.1.1

1998

1274

if (i == 0)

i == 0	Description
TRUE	never evaluated
FALSE	evaluated 113 times by 1 test Evaluated by: libssl.so.1.1

0-113

1275

return -1;

never executed: return -1;

1276

}

executed 113 times by 1 test: end of block

Executed by:

libssl.so.1.1

113

1277

start:

code before this statement executed 87369 times by 1 test: start:

Executed by:

libssl.so.1.1

87369

1278 s->rwstate = SSL_NOTHING; -

1279 -

1280 /*- -

1281 * For each record 'i' up to |num_recs] -

1282 * rr[i].type - is the type of record -

1283 * rr[i].data, - data -

1284 * rr[i].off, - offset into 'data' for next read -

1285 * rr[i].length, - number of bytes. -

1286 */ -

1287 rr = s->rlayer.rrec; -

1288 num_recs = RECORD_LAYER_get_numrpipes(&s->rlayer); -

1289 -

1290 do { -

1291 /* get new records if necessary */ -

1292

if (num_recs == 0) {

num_recs == 0	Description
TRUE	evaluated 80271 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 55708 times by 1 test Evaluated by: libssl.so.1.1

55708-80271

1293 ret = ssl3_get_record(s); -

1294

if (ret <= 0) {

ret <= 0	Description
TRUE	evaluated 29138 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 51133 times by 1 test Evaluated by: libssl.so.1.1

29138-51133

1295 /* SSLfatal() already called if appropriate */ -

1296

return ret;

executed 29138 times by 1 test: return ret;

Executed by:

libssl.so.1.1

29138

1297 } -

1298 num_recs = RECORD_LAYER_get_numrpipes(&s->rlayer); -

1299

if (num_recs == 0) {

num_recs == 0	Description
TRUE	never evaluated
FALSE	evaluated 51133 times by 1 test Evaluated by: libssl.so.1.1

0-51133

1300 /* Shouldn't happen */ -

1301 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_BYTES, -

1302 ERR_R_INTERNAL_ERROR); -

1303

return -1;

never executed: return -1;

1304 } -

1305

}

executed 51133 times by 1 test: end of block

Executed by:

libssl.so.1.1

51133

1306 /* Skip over any records we have already read */ -

1307 for (curr_rec = 0; -

1308

curr_rec < num_recs && SSL3_RECORD_is_read(&rr[curr_rec]);

curr_rec < num_recs	Description
TRUE	evaluated 106841 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 45240 times by 1 test Evaluated by: libssl.so.1.1

((&rr[curr_rec])->read)	Description
TRUE	evaluated 45240 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 61601 times by 1 test Evaluated by: libssl.so.1.1

45240-106841

1309

curr_rec++) ;

executed 45240 times by 1 test: ;

Executed by:

libssl.so.1.1

45240

1310

if (curr_rec == num_recs) {

curr_rec == num_recs	Description
TRUE	evaluated 45240 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 61601 times by 1 test Evaluated by: libssl.so.1.1

45240-61601

1311 RECORD_LAYER_set_numrpipes(&s->rlayer, 0); -

1312 num_recs = 0; -

1313 curr_rec = 0; -

1314

}

executed 45240 times by 1 test: end of block

Executed by:

libssl.so.1.1

45240

1315

} while (num_recs == 0);

executed 106841 times by 1 test: end of block

Executed by:

libssl.so.1.1

num_recs == 0	Description
TRUE	evaluated 45240 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 61601 times by 1 test Evaluated by: libssl.so.1.1

45240-106841

1316 rr = &rr[curr_rec]; -

1317 -

1318 /* -

1319 * Reset the count of consecutive warning alerts if we've got a non-empty -

1320 * record that isn't an alert. -

1321 */ -

1322

if (SSL3_RECORD_get_type(rr) != SSL3_RT_ALERT

((rr)->type) != 21	Description
TRUE	evaluated 59252 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2349 times by 1 test Evaluated by: libssl.so.1.1

2349-59252

1323

&& SSL3_RECORD_get_length(rr) != 0)

((rr)->length) != 0	Description
TRUE	evaluated 57330 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1922 times by 1 test Evaluated by: libssl.so.1.1

1922-57330

1324

s->rlayer.alert_count = 0;

executed 57330 times by 1 test: s->rlayer.alert_count = 0;

Executed by:

libssl.so.1.1

57330

1325 -

1326 /* we now have a packet which can be read and processed */ -

1327 -

1328

if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,

s->s3->change_cipher_spec	Description
TRUE	evaluated 3777 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 57824 times by 1 test Evaluated by: libssl.so.1.1

3777-57824

1329 * reset by ssl3_get_finished */ -

1330

&& (SSL3_RECORD_get_type(rr) != SSL3_RT_HANDSHAKE)) {

(((rr)->type) != 22)	Description
TRUE	never evaluated
FALSE	evaluated 3777 times by 1 test Evaluated by: libssl.so.1.1

0-3777

1331 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_READ_BYTES, -

1332 SSL_R_DATA_BETWEEN_CCS_AND_FINISHED); -

1333

return -1;

never executed: return -1;

1334 } -

1335 -

1336 /* -

1337 * If the other end has shut down, throw anything we read away (even in -

1338 * 'peek' mode) -

1339 */ -

1340

if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {

s->shutdown & 2	Description
TRUE	never evaluated
FALSE	evaluated 61601 times by 1 test Evaluated by: libssl.so.1.1

0-61601

1341 SSL3_RECORD_set_length(rr, 0); -

1342 s->rwstate = SSL_NOTHING; -

1343

return 0;

never executed: return 0;

1344 } -

1345 -

1346

if (type == SSL3_RECORD_get_type(rr)

type == ((rr)->type)	Description
TRUE	evaluated 55368 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 6233 times by 1 test Evaluated by: libssl.so.1.1

6233-55368

1347

|| (SSL3_RECORD_get_type(rr) == SSL3_RT_CHANGE_CIPHER_SPEC

((rr)->type) == 20	Description
TRUE	evaluated 2616 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3617 times by 1 test Evaluated by: libssl.so.1.1

2616-3617

1348

&& type == SSL3_RT_HANDSHAKE && recvd_type != NULL

type == 22	Description
TRUE	evaluated 2616 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

recvd_type != ((void *)0)	Description
TRUE	evaluated 2616 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2616

1349

&& !is_tls13)) {

!is_tls13	Description
TRUE	evaluated 2616 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2616

1350 /* -

1351 * SSL3_RT_APPLICATION_DATA or -

1352 * SSL3_RT_HANDSHAKE or -

1353 * SSL3_RT_CHANGE_CIPHER_SPEC -

1354 */ -

1355 /* -

1356 * make sure that we are not getting application data when we are -

1357 * doing a handshake for the first time -

1358 */ -

1359

if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&

SSL_in_init(s)	Description
TRUE	evaluated 48261 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 9723 times by 1 test Evaluated by: libssl.so.1.1

(type == 23)	Description
TRUE	never evaluated
FALSE	evaluated 48261 times by 1 test Evaluated by: libssl.so.1.1

0-48261

1360

(s->enc_read_ctx == NULL)) {

(s->enc_read_c... ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

1361 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_READ_BYTES, -

1362 SSL_R_APP_DATA_IN_HANDSHAKE); -

1363

return -1;

never executed: return -1;

1364 } -

1365 -

1366

if (type == SSL3_RT_HANDSHAKE

type == 22	Description
TRUE	evaluated 48261 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 9723 times by 1 test Evaluated by: libssl.so.1.1

9723-48261

1367

&& SSL3_RECORD_get_type(rr) == SSL3_RT_CHANGE_CIPHER_SPEC

((rr)->type) == 20	Description
TRUE	evaluated 2616 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 45645 times by 1 test Evaluated by: libssl.so.1.1

2616-45645

1368

&& s->rlayer.handshake_fragment_len > 0) {

s->rlayer.hand...agment_len > 0	Description
TRUE	never evaluated
FALSE	evaluated 2616 times by 1 test Evaluated by: libssl.so.1.1

0-2616

1369 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_READ_BYTES, -

1370 SSL_R_CCS_RECEIVED_EARLY); -

1371

return -1;

never executed: return -1;

1372 } -

1373 -

1374

if (recvd_type != NULL)

recvd_type != ((void *)0)	Description
TRUE	evaluated 24175 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 33809 times by 1 test Evaluated by: libssl.so.1.1

24175-33809

1375

*recvd_type = SSL3_RECORD_get_type(rr);

executed 24175 times by 1 test: *recvd_type = ((rr)->type);

Executed by:

libssl.so.1.1

24175

1376 -

1377

if (len == 0) {

len == 0	Description
TRUE	never evaluated
FALSE	evaluated 57984 times by 1 test Evaluated by: libssl.so.1.1

0-57984

1378 /* -

1379 * Mark a zero length record as read. This ensures multiple calls to -

1380 * SSL_read() with a zero length buffer will eventually cause -

1381 * SSL_pending() to report data as being available. -

1382 */ -

1383

if (SSL3_RECORD_get_length(rr) == 0)

((rr)->length) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

1384

SSL3_RECORD_set_read(rr);

never executed: ((rr)->read = 1);

1385

return 0;

never executed: return 0;

1386 } -

1387 -

1388 totalbytes = 0; -

1389 do { -

1390

if (len - totalbytes > SSL3_RECORD_get_length(rr))

len - totalbyt...((rr)->length)	Description
TRUE	evaluated 18055 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 39929 times by 1 test Evaluated by: libssl.so.1.1

18055-39929

1391

n = SSL3_RECORD_get_length(rr);

executed 18055 times by 1 test: n = ((rr)->length);

Executed by:

libssl.so.1.1

18055

1392 else -

1393

n = len - totalbytes;

executed 39929 times by 1 test: n = len - totalbytes;

Executed by:

libssl.so.1.1

39929

1394 -

1395 memcpy(buf, &(rr->data[rr->off]), n); -

1396 buf += n; -

1397

if (peek) {

peek	Description
TRUE	never evaluated
FALSE	evaluated 57984 times by 1 test Evaluated by: libssl.so.1.1

0-57984

1398 /* Mark any zero length record as consumed CVE-2016-6305 */ -

1399

if (SSL3_RECORD_get_length(rr) == 0)

((rr)->length) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

1400

SSL3_RECORD_set_read(rr);

never executed: ((rr)->read = 1);

1401

} else {

never executed: end of block

1402 SSL3_RECORD_sub_length(rr, n); -

1403 SSL3_RECORD_add_off(rr, n); -

1404

if (SSL3_RECORD_get_length(rr) == 0) {

((rr)->length) == 0	Description
TRUE	evaluated 35689 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 22295 times by 1 test Evaluated by: libssl.so.1.1

22295-35689

1405 s->rlayer.rstate = SSL_ST_READ_HEADER; -

1406 SSL3_RECORD_set_off(rr, 0); -

1407 SSL3_RECORD_set_read(rr); -

1408

}

executed 35689 times by 1 test: end of block

Executed by:

libssl.so.1.1

35689

1409

}

executed 57984 times by 1 test: end of block

Executed by:

libssl.so.1.1

57984

1410

if (SSL3_RECORD_get_length(rr) == 0

((rr)->length) == 0	Description
TRUE	evaluated 35689 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 22295 times by 1 test Evaluated by: libssl.so.1.1

22295-35689

1411

|| (peek && n == SSL3_RECORD_get_length(rr))) {

peek	Description
TRUE	never evaluated
FALSE	evaluated 22295 times by 1 test Evaluated by: libssl.so.1.1

n == ((rr)->length)	Description
TRUE	never evaluated
FALSE	never evaluated

0-22295

1412 curr_rec++; -

1413 rr++; -

1414

}

executed 35689 times by 1 test: end of block

Executed by:

libssl.so.1.1

35689

1415 totalbytes += n; -

1416

} while (type == SSL3_RT_APPLICATION_DATA && curr_rec < num_recs

executed 57984 times by 1 test: end of block

Executed by:

libssl.so.1.1

type == 23	Description
TRUE	evaluated 9723 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 48261 times by 1 test Evaluated by: libssl.so.1.1

curr_rec < num_recs	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 9722 times by 1 test Evaluated by: libssl.so.1.1

1-57984

1417

&& totalbytes < len);

totalbytes < len	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

1418

if (totalbytes == 0) {

totalbytes == 0	Description
TRUE	evaluated 1913 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 56071 times by 1 test Evaluated by: libssl.so.1.1

1913-56071

1419 /* We must have read empty records. Get more data */ -

1420

goto start;

executed 1913 times by 1 test: goto start;

Executed by:

libssl.so.1.1

1913

1421 } -

1422

if (!peek && curr_rec == num_recs

!peek	Description
TRUE	evaluated 56071 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

curr_rec == num_recs	Description
TRUE	evaluated 33776 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 22295 times by 1 test Evaluated by: libssl.so.1.1

0-56071

1423

&& (s->mode & SSL_MODE_RELEASE_BUFFERS)

(s->mode & 0x00000010U)	Description
TRUE	never evaluated
FALSE	evaluated 33776 times by 1 test Evaluated by: libssl.so.1.1

0-33776

1424

&& SSL3_BUFFER_get_left(rbuf) == 0)

((rbuf)->left) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

1425

ssl3_release_read_buffer(s);

never executed: ssl3_release_read_buffer(s);

1426 *readbytes = totalbytes; -

1427

return 1;

executed 56071 times by 1 test: return 1;

Executed by:

libssl.so.1.1

56071

1428 } -

1429 -

1430 /* -

1431 * If we get here, then type != rr->type; if we have a handshake message, -

1432 * then it was unexpected (Hello Request or Client Hello) or invalid (we -

1433 * were actually expecting a CCS). -

1434 */ -

1435 -

1436 /* -

1437 * Lets just double check that we've not got an SSLv2 record -

1438 */ -

1439

if (rr->rec_version == SSL2_VERSION) {

rr->rec_version == 0x0002	Description
TRUE	never evaluated
FALSE	evaluated 3617 times by 1 test Evaluated by: libssl.so.1.1

0-3617

1440 /* -

1441 * Should never happen. ssl3_get_record() should only give us an SSLv2 -

1442 * record back if this is the first packet and we are looking for an -

1443 * initial ClientHello. Therefore |type| should always be equal to -

1444 * |rr->type|. If not then something has gone horribly wrong -

1445 */ -

1446 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_BYTES, -

1447 ERR_R_INTERNAL_ERROR); -

1448

return -1;

never executed: return -1;

1449 } -

1450 -

1451

if (s->method->version == TLS_ANY_VERSION

s->method->version == 0x10000	Description
TRUE	evaluated 491 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3126 times by 1 test Evaluated by: libssl.so.1.1

491-3126

1452

&& (s->server || rr->type != SSL3_RT_ALERT)) {

s->server	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 484 times by 1 test Evaluated by: libssl.so.1.1

rr->type != 21	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 482 times by 1 test Evaluated by: libssl.so.1.1

2-484

1453 /* -

1454 * If we've got this far and still haven't decided on what version -

1455 * we're using then this must be a client side alert we're dealing with -

1456 * (we don't allow heartbeats yet). We shouldn't be receiving anything -

1457 * other than a ClientHello if we are a server. -

1458 */ -

1459 s->version = rr->rec_version; -

1460 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_READ_BYTES, -

1461 SSL_R_UNEXPECTED_MESSAGE); -

1462

return -1;

executed 9 times by 1 test: return -1;

Executed by:

libssl.so.1.1

1463 } -

1464 -

1465 /*- -

1466 * s->rlayer.handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE; -

1467 * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) -

1468 */ -

1469 -

1470

if (SSL3_RECORD_get_type(rr) == SSL3_RT_ALERT) {

((rr)->type) == 21	Description
TRUE	evaluated 2348 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1260 times by 1 test Evaluated by: libssl.so.1.1

1260-2348

1471 unsigned int alert_level, alert_descr; -

1472 unsigned char *alert_bytes = SSL3_RECORD_get_data(rr) -

1473 + SSL3_RECORD_get_off(rr); -

1474 PACKET alert; -

1475 -

1476

if (!PACKET_buf_init(&alert, alert_bytes, SSL3_RECORD_get_length(rr))

!PACKET_buf_in...(rr)->length))	Description
TRUE	never evaluated
FALSE	evaluated 2348 times by 1 test Evaluated by: libssl.so.1.1

0-2348

1477

|| !PACKET_get_1(&alert, &alert_level)

!PACKET_get_1(... &alert_level)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2344 times by 1 test Evaluated by: libssl.so.1.1

4-2344

1478

|| !PACKET_get_1(&alert, &alert_descr)

!PACKET_get_1(... &alert_descr)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2340 times by 1 test Evaluated by: libssl.so.1.1

4-2340

1479

|| PACKET_remaining(&alert) != 0) {

PACKET_remaining(&alert) != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2338 times by 1 test Evaluated by: libssl.so.1.1

2-2338

1480 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_READ_BYTES, -

1481 SSL_R_INVALID_ALERT); -

1482

return -1;

executed 10 times by 1 test: return -1;

Executed by:

libssl.so.1.1

1483 } -

1484 -

1485

if (s->msg_callback)

s->msg_callback	Description
TRUE	never evaluated
FALSE	evaluated 2338 times by 1 test Evaluated by: libssl.so.1.1

0-2338

1486

s->msg_callback(0, s->version, SSL3_RT_ALERT, alert_bytes, 2, s,

never executed: s->msg_callback(0, s->version, 21, alert_bytes, 2, s, s->msg_callback_arg);

1487

s->msg_callback_arg);

never executed: s->msg_callback(0, s->version, 21, alert_bytes, 2, s, s->msg_callback_arg);

1488 -

1489

if (s->info_callback != NULL)

s->info_callba...!= ((void *)0)	Description
TRUE	evaluated 1853 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 485 times by 1 test Evaluated by: libssl.so.1.1

485-1853

1490

cb = s->info_callback;

executed 1853 times by 1 test: cb = s->info_callback;

Executed by:

libssl.so.1.1

1853

1491

else if (s->ctx->info_callback != NULL)

s->ctx->info_c...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 485 times by 1 test Evaluated by: libssl.so.1.1

0-485

1492

cb = s->ctx->info_callback;

never executed: cb = s->ctx->info_callback;

1493 -

1494

if (cb != NULL) {

cb != ((void *)0)	Description
TRUE	evaluated 1853 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 485 times by 1 test Evaluated by: libssl.so.1.1

485-1853

1495 j = (alert_level << 8) | alert_descr; -

1496 cb(s, SSL_CB_READ_ALERT, j); -

1497

}

executed 1853 times by 1 test: end of block

Executed by:

libssl.so.1.1

1853

1498 -

1499

if (alert_level == SSL3_AL_WARNING

alert_level == 1	Description
TRUE	evaluated 2058 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 280 times by 1 test Evaluated by: libssl.so.1.1

280-2058

1500

|| (is_tls13 && alert_descr == SSL_AD_USER_CANCELLED)) {

is_tls13	Description
TRUE	evaluated 30 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 250 times by 1 test Evaluated by: libssl.so.1.1

alert_descr == 90	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 29 times by 1 test Evaluated by: libssl.so.1.1

1-250

1501 s->s3->warn_alert = alert_descr; -

1502 SSL3_RECORD_set_read(rr); -

1503 -

1504 s->rlayer.alert_count++; -

1505

if (s->rlayer.alert_count == MAX_WARN_ALERT_COUNT) {

s->rlayer.alert_count == 5	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2058 times by 1 test Evaluated by: libssl.so.1.1

1-2058

1506 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_READ_BYTES, -

1507 SSL_R_TOO_MANY_WARN_ALERTS); -

1508

return -1;

executed 1 time by 1 test: return -1;

Executed by:

libssl.so.1.1

1509 } -

1510

}

executed 2058 times by 1 test: end of block

Executed by:

libssl.so.1.1

2058

1511 -

1512 /* -

1513 * Apart from close_notify the only other warning alert in TLSv1.3 -

1514 * is user_cancelled - which we just ignore. -

1515 */ -

1516

if (is_tls13 && alert_descr == SSL_AD_USER_CANCELLED) {

is_tls13	Description
TRUE	evaluated 632 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1705 times by 1 test Evaluated by: libssl.so.1.1

alert_descr == 90	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 628 times by 1 test Evaluated by: libssl.so.1.1

4-1705

1517

goto start;

executed 4 times by 1 test: goto start;

Executed by:

libssl.so.1.1

1518

} else if (alert_descr == SSL_AD_CLOSE_NOTIFY

alert_descr == 0	Description
TRUE	evaluated 1795 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 538 times by 1 test Evaluated by: libssl.so.1.1

538-1795

1519

&& (is_tls13 || alert_level == SSL3_AL_WARNING)) {

is_tls13	Description
TRUE	evaluated 599 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1196 times by 1 test Evaluated by: libssl.so.1.1

alert_level == 1	Description
TRUE	evaluated 1195 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

1-1196

1520 s->shutdown |= SSL_RECEIVED_SHUTDOWN; -

1521

return 0;

executed 1794 times by 1 test: return 0;

Executed by:

libssl.so.1.1

1794

1522

} else if (alert_level == SSL3_AL_FATAL || is_tls13) {

alert_level == 2	Description
TRUE	evaluated 277 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 262 times by 1 test Evaluated by: libssl.so.1.1

is_tls13	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 261 times by 1 test Evaluated by: libssl.so.1.1

1-277

1523 char tmp[16]; -

1524 -

1525 s->rwstate = SSL_NOTHING; -

1526 s->s3->fatal_alert = alert_descr; -

1527 SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_SSL3_READ_BYTES, -

1528 SSL_AD_REASON_OFFSET + alert_descr); -

1529 BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr); -

1530 ERR_add_error_data(2, "SSL alert number ", tmp); -

1531 s->shutdown |= SSL_RECEIVED_SHUTDOWN; -

1532 SSL3_RECORD_set_read(rr); -

1533 SSL_CTX_remove_session(s->session_ctx, s->session); -

1534

return 0;

executed 278 times by 1 test: return 0;

Executed by:

libssl.so.1.1

278

1535

} else if (alert_descr == SSL_AD_NO_RENEGOTIATION) {

alert_descr == 100	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 257 times by 1 test Evaluated by: libssl.so.1.1

4-257

1536 /* -

1537 * This is a warning but we receive it if we requested -

1538 * renegotiation and the peer denied it. Terminate with a fatal -

1539 * alert because if application tried to renegotiate it -

1540 * presumably had a good reason and expects it to succeed. In -

1541 * future we might have a renegotiation where we don't care if -

1542 * the peer refused it where we carry on. -

1543 */ -

1544 SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_SSL3_READ_BYTES, -

1545 SSL_R_NO_RENEGOTIATION); -

1546

return -1;

executed 4 times by 1 test: return -1;

Executed by:

libssl.so.1.1

1547

} else if (alert_level == SSL3_AL_WARNING) {

alert_level == 1	Description
TRUE	evaluated 256 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

1-256

1548 /* We ignore any other warning alert in TLSv1.2 and below */ -

1549

goto start;

executed 256 times by 1 test: goto start;

Executed by:

libssl.so.1.1

256

1550 } -

1551 -

1552 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SSL3_READ_BYTES, -

1553 SSL_R_UNKNOWN_ALERT_TYPE); -

1554

return -1;

executed 1 time by 1 test: return -1;

Executed by:

libssl.so.1.1

1555 } -

1556 -

1557

if ((s->shutdown & SSL_SENT_SHUTDOWN) != 0) {

(s->shutdown & 1) != 0	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1255 times by 1 test Evaluated by: libssl.so.1.1

5-1255

1558

if (SSL3_RECORD_get_type(rr) == SSL3_RT_HANDSHAKE) {

((rr)->type) == 22	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

1-4

1559 BIO *rbio; -

1560 -

1561 /* -

1562 * We ignore any handshake messages sent to us unless they are -

1563 * TLSv1.3 in which case we want to process them. For all other -

1564 * handshake messages we can't do anything reasonable with them -

1565 * because we are unable to write any response due to having already -

1566 * sent close_notify. -

1567 */ -

1568

if (!SSL_IS_TLS13(s)) {

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->method->version >= 0x0304	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-4

1569 SSL3_RECORD_set_length(rr, 0); -

1570 SSL3_RECORD_set_read(rr); -

1571 -

1572

if ((s->mode & SSL_MODE_AUTO_RETRY) != 0)

(s->mode & 0x00000004U) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1573

goto start;

never executed: goto start;

1574 -

1575 s->rwstate = SSL_READING; -

1576 rbio = SSL_get_rbio(s); -

1577 BIO_clear_retry_flags(rbio); -

1578 BIO_set_retry_read(rbio); -

1579

return -1;

never executed: return -1;

1580 } -

1581

} else {

executed 4 times by 1 test: end of block

Executed by:

libssl.so.1.1

1582 /* -

1583 * The peer is continuing to send application data, but we have -

1584 * already sent close_notify. If this was expected we should have -

1585 * been called via SSL_read() and this would have been handled -

1586 * above. -

1587 * No alert sent because we already sent close_notify -

1588 */ -

1589 SSL3_RECORD_set_length(rr, 0); -

1590 SSL3_RECORD_set_read(rr); -

1591 SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_SSL3_READ_BYTES, -

1592 SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY); -

1593

return -1;

executed 1 time by 1 test: return -1;

Executed by:

libssl.so.1.1

1594 } -

1595 } -

1596 -

1597 /* -

1598 * For handshake data we have 'fragment' storage, so fill that so that we -

1599 * can process the header at a fixed place. This is done after the -

1600 * "SHUTDOWN" code above to avoid filling the fragment storage with data -

1601 * that we're just going to discard. -

1602 */ -

1603

if (SSL3_RECORD_get_type(rr) == SSL3_RT_HANDSHAKE) {

((rr)->type) == 22	Description
TRUE	evaluated 1034 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 225 times by 1 test Evaluated by: libssl.so.1.1

225-1034

1604 size_t dest_maxlen = sizeof(s->rlayer.handshake_fragment); -

1605 unsigned char *dest = s->rlayer.handshake_fragment; -

1606 size_t *dest_len = &s->rlayer.handshake_fragment_len; -

1607 -

1608 n = dest_maxlen - *dest_len; /* available space in 'dest' */ -

1609

if (SSL3_RECORD_get_length(rr) < n)

((rr)->length) < n	Description
TRUE	never evaluated
FALSE	evaluated 1034 times by 1 test Evaluated by: libssl.so.1.1

0-1034

1610

n = SSL3_RECORD_get_length(rr); /* available bytes */

never executed: n = ((rr)->length);

1611 -

1612 /* now move 'n' bytes: */ -

1613 memcpy(dest + *dest_len, -

1614 SSL3_RECORD_get_data(rr) + SSL3_RECORD_get_off(rr), n); -

1615 SSL3_RECORD_add_off(rr, n); -

1616 SSL3_RECORD_sub_length(rr, n); -

1617 *dest_len += n; -

1618

if (SSL3_RECORD_get_length(rr) == 0)

((rr)->length) == 0	Description
TRUE	evaluated 15 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1019 times by 1 test Evaluated by: libssl.so.1.1

15-1019

1619

SSL3_RECORD_set_read(rr);

executed 15 times by 1 test: ((rr)->read = 1);

Executed by:

libssl.so.1.1

1620 -

1621

if (*dest_len < dest_maxlen)

*dest_len < dest_maxlen	Description
TRUE	never evaluated
FALSE	evaluated 1034 times by 1 test Evaluated by: libssl.so.1.1

0-1034

1622

goto start; /* fragment was too small */

never executed: goto start;

1623

}

executed 1034 times by 1 test: end of block

Executed by:

libssl.so.1.1

1034

1624 -

1625

if (SSL3_RECORD_get_type(rr) == SSL3_RT_CHANGE_CIPHER_SPEC) {

((rr)->type) == 20	Description
TRUE	never evaluated
FALSE	evaluated 1259 times by 1 test Evaluated by: libssl.so.1.1

0-1259

1626 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_READ_BYTES, -

1627 SSL_R_CCS_RECEIVED_EARLY); -

1628

return -1;

never executed: return -1;

1629 } -

1630 -

1631 /* -

1632 * Unexpected handshake message (ClientHello, NewSessionTicket (TLS1.3) or -

1633 * protocol violation) -

1634 */ -

1635

if ((s->rlayer.handshake_fragment_len >= 4)

(s->rlayer.han...ment_len >= 4)	Description
TRUE	evaluated 1034 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 225 times by 1 test Evaluated by: libssl.so.1.1

225-1034

1636

&& !ossl_statem_get_in_handshake(s)) {

!ossl_statem_g...n_handshake(s)	Description
TRUE	evaluated 1034 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1034

1637 int ined = (s->early_data_state == SSL_EARLY_DATA_READING); -

1638 -

1639 /* We found handshake data, so we're going back into init */ -

1640 ossl_statem_set_in_init(s, 1); -

1641 -

1642 i = s->handshake_func(s); -

1643 /* SSLfatal() already called if appropriate */ -

1644

if (i < 0)

i < 0	Description
TRUE	evaluated 20 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1014 times by 1 test Evaluated by: libssl.so.1.1

20-1014

1645

return i;

executed 20 times by 1 test: return i;

Executed by:

libssl.so.1.1

1646

if (i == 0) {

i == 0	Description
TRUE	never evaluated
FALSE	evaluated 1014 times by 1 test Evaluated by: libssl.so.1.1

0-1014

1647

return -1;

never executed: return -1;

1648 } -

1649 -

1650 /* -

1651 * If we were actually trying to read early data and we found a -

1652 * handshake message, then we don't want to continue to try and read -

1653 * the application data any more. It won't be "early" now. -

1654 */ -

1655

if (ined)

ined	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1007 times by 1 test Evaluated by: libssl.so.1.1

7-1007

1656

return -1;

executed 7 times by 1 test: return -1;

Executed by:

libssl.so.1.1

1657 -

1658

if (!(s->mode & SSL_MODE_AUTO_RETRY)) {

!(s->mode & 0x00000004U)	Description
TRUE	evaluated 25 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 982 times by 1 test Evaluated by: libssl.so.1.1

25-982

1659

if (SSL3_BUFFER_get_left(rbuf) == 0) {

((rbuf)->left) == 0	Description
TRUE	evaluated 25 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-25

1660 /* no read-ahead left? */ -

1661 BIO *bio; -

1662 /* -

1663 * In the case where we try to read application data, but we -

1664 * trigger an SSL handshake, we return -1 with the retry -

1665 * option set. Otherwise renegotiation may cause nasty -

1666 * problems in the blocking world -

1667 */ -

1668 s->rwstate = SSL_READING; -

1669 bio = SSL_get_rbio(s); -

1670 BIO_clear_retry_flags(bio); -

1671 BIO_set_retry_read(bio); -

1672

return -1;

executed 25 times by 1 test: return -1;

Executed by:

libssl.so.1.1

1673 } -

1674

}

never executed: end of block

1675

goto start;

executed 982 times by 1 test: goto start;

Executed by:

libssl.so.1.1

982

1676 } -

1677 -

1678 switch (SSL3_RECORD_get_type(rr)) { -

1679

default:

executed 6 times by 1 test: default:

Executed by:

libssl.so.1.1

1680 /* -

1681 * TLS 1.0 and 1.1 say you SHOULD ignore unrecognised record types, but -

1682 * TLS 1.2 says you MUST send an unexpected message alert. We use the -

1683 * TLS 1.2 behaviour for all protocol versions to prevent issues where -

1684 * no progress is being made and the peer continually sends unrecognised -

1685 * record types, using up resources processing them. -

1686 */ -

1687 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_READ_BYTES, -

1688 SSL_R_UNEXPECTED_RECORD); -

1689

return -1;

executed 6 times by 1 test: return -1;

Executed by:

libssl.so.1.1

1690

case SSL3_RT_CHANGE_CIPHER_SPEC:

never executed: case 20:

1691

case SSL3_RT_ALERT:

never executed: case 21:

1692

case SSL3_RT_HANDSHAKE:

never executed: case 22:

1693 /* -

1694 * we already handled all of these, with the possible exception of -

1695 * SSL3_RT_HANDSHAKE when ossl_statem_get_in_handshake(s) is true, but -

1696 * that should not happen when type != rr->type -

1697 */ -

1698 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_READ_BYTES, -

1699 ERR_R_INTERNAL_ERROR); -

1700

return -1;

never executed: return -1;

1701

case SSL3_RT_APPLICATION_DATA:

executed 219 times by 1 test: case 23:

Executed by:

libssl.so.1.1

219

1702 /* -

1703 * At this point, we were expecting handshake data, but have -

1704 * application data. If the library was running inside ssl3_read() -

1705 * (i.e. in_read_app_data is set) and it makes sense to read -

1706 * application data at this point (session renegotiation not yet -

1707 * started), we will indulge it. -

1708 */ -

1709

if (ossl_statem_app_data_allowed(s)) {

ossl_statem_ap...ata_allowed(s)	Description
TRUE	never evaluated
FALSE	evaluated 219 times by 1 test Evaluated by: libssl.so.1.1

0-219

1710 s->s3->in_read_app_data = 2; -

1711

return -1;

never executed: return -1;

1712

} else if (ossl_statem_skip_early_data(s)) {

ossl_statem_skip_early_data(s)	Description
TRUE	evaluated 216 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

3-216

1713 /* -

1714 * This can happen after a client sends a CH followed by early_data, -

1715 * but the server responds with a HelloRetryRequest. The server -

1716 * reads the next record from the client expecting to find a -

1717 * plaintext ClientHello but gets a record which appears to be -

1718 * application data. The trial decrypt "works" because null -

1719 * decryption was applied. We just skip it and move on to the next -

1720 * record. -

1721 */ -

1722

if (!early_data_count_ok(s, rr->length,

!early_data_co...+ 1)) + 2), 0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 215 times by 1 test Evaluated by: libssl.so.1.1

1-215

1723

EARLY_DATA_CIPHERTEXT_OVERHEAD, 0)) {

!early_data_co...+ 1)) + 2), 0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 215 times by 1 test Evaluated by: libssl.so.1.1

1-215

1724 /* SSLfatal() already called */ -

1725

return -1;

executed 1 time by 1 test: return -1;

Executed by:

libssl.so.1.1

1726 } -

1727 SSL3_RECORD_set_read(rr); -

1728

goto start;

executed 215 times by 1 test: goto start;

Executed by:

libssl.so.1.1

215

1729 } else { -

1730 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_READ_BYTES, -

1731 SSL_R_UNEXPECTED_RECORD); -

1732

return -1;

executed 3 times by 1 test: return -1;

Executed by:

libssl.so.1.1

1733 } -

1734 } -

1735 } -

1736 -

1737 void ssl3_record_sequence_update(unsigned char *seq) -

1738 { -

1739 int i; -

1740 -

1741

for (i = 7; i >= 0; i--) {

i >= 0	Description
TRUE	evaluated 4346 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-4346

1742 ++seq[i]; -

1743

if (seq[i] != 0)

seq[i] != 0	Description
TRUE	evaluated 4346 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-4346

1744

break;

executed 4346 times by 1 test: break;

Executed by:

libssl.so.1.1

4346

1745

}

never executed: end of block

1746

}

executed 4346 times by 1 test: end of block

Executed by:

libssl.so.1.1

4346

1747 -

1748 /* -

1749 * Returns true if the current rrec was sent in SSLv2 backwards compatible -

1750 * format and false otherwise. -

1751 */ -

1752 int RECORD_LAYER_is_sslv2_record(RECORD_LAYER *rl) -

1753 { -

1754

return SSL3_RECORD_is_sslv2_record(&rl->rrec[0]);

executed 44645 times by 1 test: return ((&rl->rrec[0])->rec_version == 0x0002);

Executed by:

libssl.so.1.1

44645

1755 } -

1756 -

1757 /* -

1758 * Returns the length in bytes of the current rrec -

1759 */ -

1760 size_t RECORD_LAYER_get_rrec_length(RECORD_LAYER *rl) -

1761 { -

1762

return SSL3_RECORD_get_length(&rl->rrec[0]);

executed 2746 times by 1 test: return ((&rl->rrec[0])->length);

Executed by:

libssl.so.1.1

2746

1763 } -

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.2.2