From 4a9f57956bcb8c19e392b6a130018b313c0f8b73 Mon Sep 17 00:00:00 2001
From: EKR <ekr@rtfm.com>
Date: Mon, 1 Oct 2018 16:20:33 -0700
Subject: [PATCH] Bug 1495451 - Fix issues flagged by coverity. r=mt

Tags: #secure-revision

Bug #: 1495451

Differential Revision: https://phabricator.services.mozilla.com/D7358
---
 lib/ssl/tls13con.c       | 1 +
 lib/ssl/tls13exthandle.c | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/lib/ssl/tls13con.c b/lib/ssl/tls13con.c
index cef287a2c9..e1698a24da 100644
--- a/lib/ssl/tls13con.c
+++ b/lib/ssl/tls13con.c
@@ -3449,6 +3449,7 @@ tls13_CopyKeyShareEntry(TLS13KeyShareEntry *o)
 
     if (SECSuccess != SECITEM_CopyItem(NULL, &n->key_exchange, &o->key_exchange)) {
         PORT_Free(n);
+        return NULL;
     }
     n->group = o->group;
     return n;
diff --git a/lib/ssl/tls13exthandle.c b/lib/ssl/tls13exthandle.c
index cc0ce02b56..8ed18f69cd 100644
--- a/lib/ssl/tls13exthandle.c
+++ b/lib/ssl/tls13exthandle.c
@@ -249,6 +249,7 @@ tls13_ClientHandleKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
     }
 
     if (SSL_READER_REMAINING(&rdr)) {
+        tls13_DestroyKeyShareEntry(ks);
         PORT_SetError(SSL_ERROR_RX_MALFORMED_KEY_SHARE);
         return SECFailure;
     }
@@ -1310,6 +1311,9 @@ tls13_ServerHandleEsniXtn(const sslSocket *ss, TLSExtensionData *xtnData,
     PRUint64 tmp;
     while (SSL_READER_REMAINING(&sniRdr)) {
         rv = sslRead_ReadNumber(&sniRdr, 1, &tmp);
+        if (rv != SECSuccess) {
+            goto loser;
+        }
         if (tmp != 0) {
             goto loser;
         }