[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Rich Salz rsalz at openssl.org
Sat Dec 10 21:50:02 UTC 2016


The branch OpenSSL_1_1_0-stable has been updated
       via  a08ae8fee9539ed1432f4169cea46f6e27990dd5 (commit)
      from  a3a4bb74cf4129b87739033d74623db5a5ec2ece (commit)


- Log -----------------------------------------------------------------
commit a08ae8fee9539ed1432f4169cea46f6e27990dd5
Author: Davide Galassi <davide.galassi at gmail.com>
Date:   Fri Dec 2 17:10:37 2016 +0100

    Avoid the call to OPENSSL_malloc with a negative value (then casted to unsigned)
    
    CLA: trivial
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/2021)
    (cherry picked from commit 210fe4edee6514e4c1f0677adc9112c4459da02b)

-----------------------------------------------------------------------

Summary of changes:
 crypto/dso/dso_lib.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c
index 52816df..f58237d 100644
--- a/crypto/dso/dso_lib.c
+++ b/crypto/dso/dso_lib.c
@@ -324,6 +324,9 @@ DSO *DSO_dsobyaddr(void *addr, int flags)
     char *filename = NULL;
     int len = DSO_pathbyaddr(addr, NULL, 0);
 
+    if (len < 0)
+        return NULL;
+
     filename = OPENSSL_malloc(len);
     if (filename != NULL
             && DSO_pathbyaddr(addr, filename, len) == len)


More information about the openssl-commits mailing list