diff options
author | Jiasheng Jiang <jiasheng@iscas.ac.cn> | 2022-02-09 23:04:25 +0800 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-02-17 11:19:59 +0100 |
commit | edd8ea5da7854d3b70a7b12833ac20e734cc2b42 (patch) | |
tree | 4003b6007900890f452ae4b7e667159c8644825e /apps | |
parent | 59de5a5e8603fb5e2e7b0aa78224152700ad905a (diff) |
s_server: Add check for OPENSSL_strdup
Since the OPENSSL_strdup() may return NULL if allocation
fails, the 'port' could be NULL.
And then it will be used in do_server(), which can accept
NULL as an valid parameter.
That means that the system could run with a wrong parameter.
Therefore it should be better to check it, like the other
memory allocation.
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17673)
(cherry picked from commit 0c5905581e9d1d79d62cac56a0e3c2ed487afecf)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/s_server.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/apps/s_server.c b/apps/s_server.c index 813c56592c..864a15f69b 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1006,7 +1006,7 @@ int s_server_main(int argc, char *argv[]) int socket_family = AF_UNSPEC, socket_type = SOCK_STREAM, protocol = 0; int state = 0, crl_format = FORMAT_UNDEF, crl_download = 0; char *host = NULL; - char *port = OPENSSL_strdup(PORT); + char *port = NULL; unsigned char *context = NULL; OPTION_CHOICE o; EVP_PKEY *s_key2 = NULL; @@ -1069,9 +1069,10 @@ int s_server_main(int argc, char *argv[]) async = 0; use_sendfile = 0; + port = OPENSSL_strdup(PORT); cctx = SSL_CONF_CTX_new(); vpm = X509_VERIFY_PARAM_new(); - if (cctx == NULL || vpm == NULL) + if (port == NULL || cctx == NULL || vpm == NULL) goto end; SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CMDLINE); |