From 17ab84eb07b5b9473b51f0b7984088c89b9e2001 Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Fri, 14 Jun 2013 12:49:56 +0300
Subject: [PATCH] Update call to DoAlert()

When handling the alerts, the return code wasn't checked for error codes. A corrupted alert message could cause a control flow issue.
---
 src/internal.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index ea57791e2..a470b08f1 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -4724,9 +4724,12 @@ int ProcessReply(CYASSL* ssl)
 
                 case alert:
                     CYASSL_MSG("got ALERT!");
-                    if (DoAlert(ssl, ssl->buffers.inputBuffer.buffer,
-                           &ssl->buffers.inputBuffer.idx, &type) == alert_fatal)
+                    ret = DoAlert(ssl, ssl->buffers.inputBuffer.buffer,
+                           &ssl->buffers.inputBuffer.idx, &type);
+                    if (ret == alert_fatal)
                         return FATAL_ERROR;
+                    else if (ret < 0)
+                        return ret;
 
                     /* catch warnings that are handled as errors */
                     if (type == close_notify)