[openssl] master update
tomas at openssl.org
tomas at openssl.org
Thu Feb 17 12:01:58 UTC 2022
The branch master has been updated
via ba0b60c632ae9c5590b59184281baaf0a39f0c24 (commit)
from 8f084b43803d53e15d83ed130210f026f84679ff (commit)
- Log -----------------------------------------------------------------
commit ba0b60c632ae9c5590b59184281baaf0a39f0c24
Author: Jiasheng Jiang <jiasheng at iscas.ac.cn>
Date: Wed Feb 16 11:27:23 2022 +0800
apps/s_server: Add missing check for BIO_new
As the potential failure of the BIO_new(), it should be better to check the return value and return error if fails in order to avoid the dereference of NULL pointer.
And because 'bio_s_msg' is checked before being used everytime, which has no need to add the check.
But 'bio_s_out' is not.
And since the check 'if (bio_s_out == NULL)' is redundant, it can be removed to make the code succincter.
Also the 'sbio' and so forth should be checked like the other places in the same file.
Signed-off-by: Jiasheng Jiang <jiasheng at iscas.ac.cn>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17710)
-----------------------------------------------------------------------
Summary of changes:
apps/s_server.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++----
1 file changed, 50 insertions(+), 4 deletions(-)
diff --git a/apps/s_server.c b/apps/s_server.c
index 3646dd1dbd..45c112345f 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1817,10 +1817,13 @@ int s_server_main(int argc, char *argv[])
if (s_msg && bio_s_msg == NULL)
bio_s_msg = dup_bio_out(FORMAT_TEXT);
} else {
- if (bio_s_out == NULL)
- bio_s_out = dup_bio_out(FORMAT_TEXT);
+ bio_s_out = dup_bio_out(FORMAT_TEXT);
}
}
+
+ if (bio_s_out == NULL)
+ goto end;
+
if (nocert) {
s_cert_file = NULL;
s_key_file = NULL;
@@ -2362,6 +2365,11 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
else
# endif
sbio = BIO_new_dgram(s, BIO_NOCLOSE);
+ if (sbio == NULL) {
+ BIO_printf(bio_err, "Unable to create BIO\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
if (enable_timeouts) {
timeout.tv_sec = 0;
@@ -2411,6 +2419,13 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
BIO *test;
test = BIO_new(BIO_f_nbio_test());
+ if (test == NULL) {
+ BIO_printf(bio_err, "Unable to create BIO\n");
+ ret = -1;
+ BIO_free(sbio);
+ goto err;
+ }
+
sbio = BIO_push(test, sbio);
}
@@ -2997,6 +3012,9 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
int width;
fd_set readfds;
const char *opmode;
+#ifdef CHARSET_EBCDIC
+ BIO *filter;
+#endif
/* Set width for a select call if needed */
width = s + 1;
@@ -3036,10 +3054,21 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
}
sbio = BIO_new_socket(s, BIO_NOCLOSE);
+ if (sbio == NULL) {
+ SSL_free(con);
+ goto err;
+ }
+
if (s_nbio_test) {
BIO *test;
test = BIO_new(BIO_f_nbio_test());
+ if (test == NULL) {
+ SSL_free(con);
+ BIO_free(sbio);
+ goto err;
+ }
+
sbio = BIO_push(test, sbio);
}
SSL_set_bio(con, sbio, sbio);
@@ -3050,7 +3079,11 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
BIO_push(io, ssl_bio);
ssl_bio = NULL;
#ifdef CHARSET_EBCDIC
- io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
+ filter = BIO_new(BIO_f_ebcdic_filter());
+ if (filter == NULL)
+ goto err;
+
+ io = BIO_push(filter, io);
#endif
if (s_debug) {
@@ -3414,6 +3447,9 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
int ret = 1;
SSL *con;
BIO *io, *ssl_bio, *sbio;
+#ifdef CHARSET_EBCDIC
+ BIO *filter;
+#endif
/* as we use BIO_gets(), and it always null terminates data, we need
* to allocate 1 byte longer buffer to fit the full 2^14 byte record */
@@ -3443,6 +3479,12 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
}
sbio = BIO_new_socket(s, BIO_NOCLOSE);
+ if (sbio == NULL) {
+ SSL_free(con);
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
SSL_set_bio(con, sbio, sbio);
SSL_set_accept_state(con);
@@ -3451,7 +3493,11 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
BIO_push(io, ssl_bio);
ssl_bio = NULL;
#ifdef CHARSET_EBCDIC
- io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
+ filter = BIO_new(BIO_f_ebcdic_filter());
+ if (filter == NULL)
+ goto err;
+
+ io = BIO_push(filter, io);
#endif
if (s_debug) {
More information about the openssl-commits
mailing list