[openssl-commits] [openssl] OpenSSL_1_0_0-stable update

Matt Caswell matt at openssl.org
Wed Apr 22 16:29:22 UTC 2015


The branch OpenSSL_1_0_0-stable has been updated
       via  50c2c64fe76c65f5dda8fb1180a435198c14fba7 (commit)
      from  a6202a74f9fd459607adaec9e4c7aa8d103dbd11 (commit)


- Log -----------------------------------------------------------------
commit 50c2c64fe76c65f5dda8fb1180a435198c14fba7
Author: Loganaden Velvindron <loganaden at gmail.com>
Date:   Wed Apr 22 16:16:30 2015 +0100

    Fix CRYPTO_strdup
    
    The function CRYPTO_strdup (aka OPENSSL_strdup) fails to check the return
    value from CRYPTO_malloc to see if it is NULL before attempting to use it.
    This patch adds a NULL check.
    
    RT3786
    
    Signed-off-by: Matt Caswell <matt at openssl.org>
    (cherry picked from commit 37b0cf936744d9edb99b5dd82cae78a7eac6ad60)
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (cherry picked from commit 20d21389c8b6f5b754573ffb6a4dc4f3986f2ca4)

-----------------------------------------------------------------------

Summary of changes:
 crypto/mem.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/crypto/mem.c b/crypto/mem.c
index 628b650..5cbf474 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -358,6 +358,9 @@ char *CRYPTO_strdup(const char *str, const char *file, int line)
 {
     char *ret = CRYPTO_malloc(strlen(str) + 1, file, line);
 
+    if (ret == NULL)
+        return NULL;
+
     strcpy(ret, str);
     return ret;
 }


More information about the openssl-commits mailing list