[openssl/openssl] ea9e16: Check for EVP_MD being NULL inside ssl.
slontis
noreply at reply.github.openssl.org
Wed Jul 13 07:03:30 UTC 2022
Branch: refs/heads/openssl-3.0
Home: https://github.openssl.org/openssl/openssl
Commit: ea9e16d16b17d9aa1544e54e79c6438aef9b2e6e
https://github.openssl.org/openssl/openssl/commit/ea9e16d16b17d9aa1544e54e79c6438aef9b2e6e
Author: slontis <shane.lontis at oracle.com>
Date: 2022-07-13 (Wed, 13 Jul 2022)
Changed paths:
M ssl/s3_lib.c
M ssl/ssl_ciph.c
M ssl/statem/extensions_srvr.c
M ssl/statem/statem_clnt.c
M ssl/tls13_enc.c
Log Message:
-----------
Check for EVP_MD being NULL inside ssl.
Fix multiple places that could potentially segfault if memory
allocations fail. e.g. ssl_load_ciphers() could fail while calling
ssl_evp_md_fetch().
Found by #18355
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18784)
(cherry picked from commit b740012f77aed97cb4b3cd8a4f1fb2f668542795)
More information about the openssl-commits
mailing list