[openssl] openssl-3.0 update

tomas at openssl.org tomas at openssl.org
Thu Feb 17 10:20:04 UTC 2022 

The branch openssl-3.0 has been updated
       via  edd8ea5da7854d3b70a7b12833ac20e734cc2b42 (commit)
      from  59de5a5e8603fb5e2e7b0aa78224152700ad905a (commit)


- Log -----------------------------------------------------------------
commit edd8ea5da7854d3b70a7b12833ac20e734cc2b42
Author: Jiasheng Jiang <jiasheng at iscas.ac.cn>
Date:   Wed Feb 9 23:04:25 2022 +0800

    s_server: Add check for OPENSSL_strdup
    
    Since the OPENSSL_strdup() may return NULL if allocation
    fails, the 'port' could be NULL.
    And then it will be used in do_server(), which can accept
    NULL as an valid parameter.
    That means that the system could run with a wrong parameter.
    Therefore it should be better to check it, like the other
    memory allocation.
    
    Signed-off-by: Jiasheng Jiang <jiasheng at iscas.ac.cn>
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17673)
    
    (cherry picked from commit 0c5905581e9d1d79d62cac56a0e3c2ed487afecf)

-----------------------------------------------------------------------

Summary of changes:
 apps/s_server.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/apps/s_server.c b/apps/s_server.c
index 813c56592c..864a15f69b 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1006,7 +1006,7 @@ int s_server_main(int argc, char *argv[])
     int socket_family = AF_UNSPEC, socket_type = SOCK_STREAM, protocol = 0;
     int state = 0, crl_format = FORMAT_UNDEF, crl_download = 0;
     char *host = NULL;
-    char *port = OPENSSL_strdup(PORT);
+    char *port = NULL;
     unsigned char *context = NULL;
     OPTION_CHOICE o;
     EVP_PKEY *s_key2 = NULL;
@@ -1069,9 +1069,10 @@ int s_server_main(int argc, char *argv[])
     async = 0;
     use_sendfile = 0;
 
+    port = OPENSSL_strdup(PORT);
     cctx = SSL_CONF_CTX_new();
     vpm = X509_VERIFY_PARAM_new();
-    if (cctx == NULL || vpm == NULL)
+    if (port == NULL || cctx == NULL || vpm == NULL)
         goto end;
     SSL_CONF_CTX_set_flags(cctx,
                            SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CMDLINE);

More information about the openssl-commits mailing list