diff options
author | Jiasheng Jiang <jiasheng@iscas.ac.cn> | 2022-02-21 09:51:54 +0800 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-02-28 12:18:24 +0100 |
commit | 366a16263959c0b6599f0b9ec18124d75560c6ef (patch) | |
tree | 639443fa468c3ba94e93f1d9d623cca4943779b5 /crypto | |
parent | 885d97fbf84fb9de7548a5f6d4e90798f719022a (diff) |
crypto/x509/v3_utl.c: Add missing check for OPENSSL_strndup
Since the potential failure of memory allocation, it
should be better to check the return value of the
OPENSSL_strndup(), like x509v3_add_len_value().
And following the comment of 'if (astrlen < 0)',
return -1 if fails.
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17737)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/x509/v3_utl.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c index 0687ffabc9..ae53554e58 100644 --- a/crypto/x509/v3_utl.c +++ b/crypto/x509/v3_utl.c @@ -833,8 +833,11 @@ static int do_check_string(const ASN1_STRING *a, int cmp_type, equal_fn equal, rv = equal(a->data, a->length, (unsigned char *)b, blen, flags); else if (a->length == (int)blen && !memcmp(a->data, b, blen)) rv = 1; - if (rv > 0 && peername) + if (rv > 0 && peername != NULL) { *peername = OPENSSL_strndup((char *)a->data, a->length); + if (*peername == NULL) + return -1; + } } else { int astrlen; unsigned char *astr; @@ -847,8 +850,13 @@ static int do_check_string(const ASN1_STRING *a, int cmp_type, equal_fn equal, return -1; } rv = equal(astr, astrlen, (unsigned char *)b, blen, flags); - if (rv > 0 && peername) + if (rv > 0 && peername != NULL) { *peername = OPENSSL_strndup((char *)astr, astrlen); + if (*peername == NULL) { + OPENSSL_free(astr); + return -1; + } + } OPENSSL_free(astr); } return rv; |