[openssl] openssl-3.0 update
Dr. Paul Dale
pauli at openssl.org
Tue Feb 8 23:46:00 UTC 2022
The branch openssl-3.0 has been updated
via 828bbe3795c82fe060f823ff117a753e81fb48d3 (commit)
from ebdec62c38494739d9cb4cdd6b1c4a511d169a90 (commit)
- Log -----------------------------------------------------------------
commit 828bbe3795c82fe060f823ff117a753e81fb48d3
Author: Jiasheng Jiang <jiasheng at iscas.ac.cn>
Date: Sat Feb 5 19:31:11 2022 +0800
Add the check after calling OPENSSL_strdup
Since the potential failure of the memory allocation, the
OPENSSL_strdup() could return NULL pointer.
Therefore, it should be better to check it in order to guarantee the
success of the configuration, same as the check for
SSL_CTX_set_srp_username().
Signed-off-by: Jiasheng Jiang <jiasheng at iscas.ac.cn>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17643)
(cherry picked from commit 09030ee73693411c19b596cb0e0f43eb512ac0e6)
-----------------------------------------------------------------------
Summary of changes:
test/helpers/handshake_srp.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/test/helpers/handshake_srp.c b/test/helpers/handshake_srp.c
index f18e5c81a6..11825d1dca 100644
--- a/test/helpers/handshake_srp.c
+++ b/test/helpers/handshake_srp.c
@@ -49,6 +49,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb);
server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user);
server_ctx_data->srp_password = OPENSSL_strdup(extra->server.srp_password);
+ if (server_ctx_data->srp_user == NULL || server_ctx_data->srp_password == NULL) {
+ OPENSSL_free(server_ctx_data->srp_user);
+ OPENSSL_free(server_ctx_data->srp_password);
+ server_ctx_data->srp_user = NULL;
+ server_ctx_data->srp_password = NULL;
+ return 0;
+ }
SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data);
}
if (extra->server2.srp_user != NULL) {
@@ -57,6 +64,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb);
server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user);
server2_ctx_data->srp_password = OPENSSL_strdup(extra->server2.srp_password);
+ if (server2_ctx_data->srp_user == NULL || server2_ctx_data->srp_password == NULL) {
+ OPENSSL_free(server2_ctx_data->srp_user);
+ OPENSSL_free(server2_ctx_data->srp_password);
+ server2_ctx_data->srp_user = NULL;
+ server2_ctx_data->srp_password = NULL;
+ return 0;
+ }
SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data);
}
if (extra->client.srp_user != NULL) {
@@ -65,6 +79,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
return 0;
SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);
client_ctx_data->srp_password = OPENSSL_strdup(extra->client.srp_password);
+ if (client_ctx_data->srp_password == NULL)
+ return 0;
SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
}
return 1;
More information about the openssl-commits
mailing list