[openssl-dev] [openssl.org #4382] [PATCH] Missing Sanity Check(s) for BUF_strdup() in OpenSSL-1.0.2g

Bill Parker via RT rt at openssl.org
Mon Mar 7 17:51:28 UTC 2016


Hello All,

In reviewing source code in directory 'crypto/conf', file 'conf_mod.c',
there is a call to BUF_strdup() in function 'module_add()' which is not
checked for a return value of NULL, indicating failure.

The patch file below adds the check and calls OPENSSL_free(tmod) to
release the previous allocation by OPENSSL_malloc():

--- conf_mod.c.orig     2016-03-06 05:46:50.424008381 -0800
+++ conf_mod.c  2016-03-06 05:47:49.031457086 -0800
@@ -288,6 +288,10 @@

     tmod->dso = dso;
     tmod->name = BUF_strdup(name);
+    if (!tmod->name) {
+       OPENSSL_free(tmod);
+       return NULL;
+    }
     tmod->init = ifunc;
     tmod->finish = ffunc;
     tmod->links = 0;

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4382
Please log in as guest with password guest if prompted

-------------- next part --------------
A non-text attachment was scrubbed...
Name: conf_mod.c.patch
Type: application/octet-stream
Size: 330 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160307/be2ab577/attachment.obj>


More information about the openssl-dev mailing list