Fix err checking and mem leaks of BIO_set_conn_port and BIO_set_conn_address

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12036)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-06-03 07:49:27 +0200
committer: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-06-09 12:13:14 +0200
commit: 7f699cb663741a73cfe95214d4a39a1078c94294 (patch)
tree: 218419353310da5cde771d52318c910b712a0d62 /crypto/bio
parent: 46fe1c7caee1442ead1f7c780e5c50045a00f76e (diff)
1 files changed, 18 insertions, 7 deletions
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index f4c6b85728..807a82b23b 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -416,12 +416,13 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
     case BIO_C_SET_CONNECT:
         if (ptr != NULL) {
             b->init = 1;
-            if (num == 0) {
+            if (num == 0) { /* BIO_set_conn_hostname */
                 char *hold_service = data->param_service;
                 /* We affect the hostname regardless.  However, the input
                  * string might contain a host:service spec, so we must
                  * parse it, which might or might not affect the service
                  */
+
                 OPENSSL_free(data->param_hostname);
                 data->param_hostname = NULL;
                 ret = BIO_parse_hostserv(ptr,
@@ -430,19 +431,29 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
                                          BIO_PARSE_PRIO_HOST);
                 if (hold_service != data->param_service)
                     OPENSSL_free(hold_service);
-            } else if (num == 1) {
+            } else if (num == 1) { /* BIO_set_conn_port */
                 OPENSSL_free(data->param_service);
-                data->param_service = BUF_strdup(ptr);
-            } else if (num == 2) {
+                if ((data->param_service = OPENSSL_strdup(ptr)) == NULL)
+                    ret = 0;
+            } else if (num == 2) { /* BIO_set_conn_address */
                 const BIO_ADDR *addr = (const BIO_ADDR *)ptr;
+                char *host = BIO_ADDR_hostname_string(addr, 1);
+                char *service = BIO_ADDR_service_string(addr, 1);
+
+                ret = host != NULL && service != NULL;
                 if (ret) {
-                    data->param_hostname = BIO_ADDR_hostname_string(addr, 1);
-                    data->param_service = BIO_ADDR_service_string(addr, 1);
+                    OPENSSL_free(data->param_hostname);
+                    data->param_hostname = host;
+                    OPENSSL_free(data->param_service);
+                    data->param_service = service;
                     BIO_ADDRINFO_free(data->addr_first);
                     data->addr_first = NULL;
                     data->addr_iter = NULL;
+                } else {
+                    OPENSSL_free(host);
+                    OPENSSL_free(service);
                 }
-            } else if (num == 3) {
+            } else if (num == 3) { /* BIO_set_conn_ip_family */
                 data->connect_family = *(int *)ptr;
             } else {
                 ret = 0;
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-06-03 07:49:27 +0200
committer	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-06-09 12:13:14 +0200
commit	7f699cb663741a73cfe95214d4a39a1078c94294 (patch)
tree	218419353310da5cde771d52318c910b712a0d62 /crypto/bio
parent	46fe1c7caee1442ead1f7c780e5c50045a00f76e (diff)