diff options
| author | Jiasheng Jiang <jiasheng@iscas.ac.cn> | 2022-02-09 23:04:25 +0800 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2022-02-17 11:19:29 +0100 |
| commit | 0c5905581e9d1d79d62cac56a0e3c2ed487afecf (patch) | |
| tree | 7b090fbf696cf465fa7b77e45f891989cc430a9e /apps | |
| parent | d5530efada83825ef239a8458db541adc4b422ec (diff) | |
s_server: Add check for OPENSSL_strdup
Since the OPENSSL_strdup() may return NULL if allocation
fails, the 'port' could be NULL.
And then it will be used in do_server(), which can accept
NULL as an valid parameter.
That means that the system could run with a wrong parameter.
Therefore it should be better to check it, like the other
memory allocation.
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17673)
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/s_server.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/apps/s_server.c b/apps/s_server.c index 5ec053b45b..3646dd1dbd 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1007,7 +1007,7 @@ int s_server_main(int argc, char *argv[]) int socket_family = AF_UNSPEC, socket_type = SOCK_STREAM, protocol = 0; int state = 0, crl_format = FORMAT_UNDEF, crl_download = 0; char *host = NULL; - char *port = OPENSSL_strdup(PORT); + char *port = NULL; unsigned char *context = NULL; OPTION_CHOICE o; EVP_PKEY *s_key2 = NULL; @@ -1073,9 +1073,10 @@ int s_server_main(int argc, char *argv[]) async = 0; use_sendfile = 0; + port = OPENSSL_strdup(PORT); cctx = SSL_CONF_CTX_new(); vpm = X509_VERIFY_PARAM_new(); - if (cctx == NULL || vpm == NULL) + if (port == NULL || cctx == NULL || vpm == NULL) goto end; SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CMDLINE); |