[openssl] master update

tomas at openssl.org tomas at openssl.org
Wed Jan 26 16:33:01 UTC 2022 

The branch master has been updated
       via  3f6a12a07f52c55dc3f4b0def42680f589f89ed4 (commit)
      from  1d28ada1c39997c10fe5392f4235bbd2bc44b40f (commit)


- Log -----------------------------------------------------------------
commit 3f6a12a07f52c55dc3f4b0def42680f589f89ed4
Author: Jiasheng Jiang <jiasheng at iscas.ac.cn>
Date:   Tue Jan 25 15:51:31 2022 +0800

    UI: Check for NULL pointer after calling OPENSSL_memdup
    
    The OPENSSL_memdup() is not always success, as the potential failure of
    the allocation.
    Then the '*pptr'could be NULL pointer but the ui_dup_method_data() will
    still return 1.
    In CRYPTO_dup_ex_data(), the 'storage[i]->dup_func' will not fail and
    'ptr' will be used in CRYPTO_set_ex_data().
    Also, if '*pptr' is NULL, I think it should also return 0 to tell the
    caller that the duplication fails in order to prevernt using the NULL
    pointer.
    Therefore, it should be better to add the check and return 1 only if the
    duplication succeed.
    
    Signed-off-by: Jiasheng Jiang <jiasheng at iscas.ac.cn>
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17582)

-----------------------------------------------------------------------

Summary of changes:
 crypto/ui/ui_util.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/crypto/ui/ui_util.c b/crypto/ui/ui_util.c
index 871472cd32..9967111ecd 100644
--- a/crypto/ui/ui_util.c
+++ b/crypto/ui/ui_util.c
@@ -73,9 +73,12 @@ static void ui_new_method_data(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
 static int ui_dup_method_data(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
                               void **pptr, int idx, long argl, void *argp)
 {
-    if (*pptr != NULL)
+    if (*pptr != NULL) {
         *pptr = OPENSSL_memdup(*pptr, sizeof(struct pem_password_cb_data));
-    return 1;
+        if (*pptr != NULL)
+            return 1;
+    }
+    return 0;
 }
 
 static void ui_free_method_data(void *parent, void *ptr, CRYPTO_EX_DATA *ad,

More information about the openssl-commits mailing list