[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Matt Caswell
matt at openssl.org
Wed Apr 22 16:30:11 UTC 2015
The branch OpenSSL_1_0_2-stable has been updated
via 6e5d13076503e9ec7f1c2c690339f99284b7d283 (commit)
from 8f0f9ffda301485e665ba075b5422221629579b9 (commit)
- Log -----------------------------------------------------------------
commit 6e5d13076503e9ec7f1c2c690339f99284b7d283
Author: Loganaden Velvindron <loganaden at gmail.com>
Date: Wed Apr 22 16:16:30 2015 +0100
Fix CRYPTO_strdup
The function CRYPTO_strdup (aka OPENSSL_strdup) fails to check the return
value from CRYPTO_malloc to see if it is NULL before attempting to use it.
This patch adds a NULL check.
RT3786
Signed-off-by: Matt Caswell <matt at openssl.org>
(cherry picked from commit 37b0cf936744d9edb99b5dd82cae78a7eac6ad60)
Reviewed-by: Rich Salz <rsalz at openssl.org>
(cherry picked from commit 20d21389c8b6f5b754573ffb6a4dc4f3986f2ca4)
-----------------------------------------------------------------------
Summary of changes:
crypto/mem.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/crypto/mem.c b/crypto/mem.c
index 2ce3e89..fdad49b 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -365,6 +365,9 @@ char *CRYPTO_strdup(const char *str, const char *file, int line)
{
char *ret = CRYPTO_malloc(strlen(str) + 1, file, line);
+ if (ret == NULL)
+ return NULL;
+
strcpy(ret, str);
return ret;
}
More information about the openssl-commits
mailing list