[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Rich Salz
rsalz at openssl.org
Wed Feb 15 13:44:59 UTC 2017
The branch OpenSSL_1_0_2-stable has been updated
via b75dbf3c118aeee4b1a71f882eb30ba7cefba486 (commit)
from 9b9f8315dc3b205e19f04565efe54fbac62f9a30 (commit)
- Log -----------------------------------------------------------------
commit b75dbf3c118aeee4b1a71f882eb30ba7cefba486
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Tue Feb 14 16:38:02 2017 +0100
Fix some realloc error handling issues.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2625)
-----------------------------------------------------------------------
Summary of changes:
apps/engine.c | 9 ++++++---
ssl/ssl_rsa.c | 6 ++++--
ssl/t1_ext.c | 14 ++++++--------
3 files changed, 16 insertions(+), 13 deletions(-)
diff --git a/apps/engine.c b/apps/engine.c
index f54631b..a8eed9a 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -108,13 +108,16 @@ static int append_buf(char **buf, const char *s, int *size, int step)
}
if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
+ char *p = *buf;
+
*size += step;
*buf = OPENSSL_realloc(*buf, *size);
+ if (*buf == NULL) {
+ OPENSSL_free(p);
+ return 0;
+ }
}
- if (*buf == NULL)
- return 0;
-
if (**buf != '\0')
BUF_strlcat(*buf, ", ", *size);
BUF_strlcat(*buf, s, *size);
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index f679801..af03d45 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -964,6 +964,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
int ret = 0;
BIO *bin = NULL;
size_t num_extensions = 0;
+ unsigned char *new_serverinfo;
if (ctx == NULL || file == NULL) {
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
@@ -1014,12 +1015,13 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
goto end;
}
/* Append the decoded extension to the serverinfo buffer */
- serverinfo =
+ new_serverinfo =
OPENSSL_realloc(serverinfo, serverinfo_length + extension_length);
- if (serverinfo == NULL) {
+ if (new_serverinfo == NULL) {
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
goto end;
}
+ serverinfo = new_serverinfo;
memcpy(serverinfo + serverinfo_length, extension, extension_length);
serverinfo_length += extension_length;
diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c
index 79ed946..8909914 100644
--- a/ssl/t1_ext.c
+++ b/ssl/t1_ext.c
@@ -223,16 +223,14 @@ static int custom_ext_meth_add(custom_ext_methods *exts,
/* Search for duplicate */
if (custom_ext_find(exts, ext_type))
return 0;
- exts->meths = OPENSSL_realloc(exts->meths,
- (exts->meths_count +
- 1) * sizeof(custom_ext_method));
-
- if (!exts->meths) {
- exts->meths_count = 0;
+ meth = OPENSSL_realloc(exts->meths,
+ (exts->meths_count + 1)
+ * sizeof(custom_ext_method));
+ if (meth == NULL)
return 0;
- }
- meth = exts->meths + exts->meths_count;
+ exts->meths = meth;
+ meth += exts->meths_count;
memset(meth, 0, sizeof(custom_ext_method));
meth->parse_cb = parse_cb;
meth->add_cb = add_cb;
More information about the openssl-commits
mailing list