From edba19760fa682ed095ca26ba89ba95530003bfe Mon Sep 17 00:00:00 2001 From: tangyiqun Date: Wed, 9 Mar 2022 18:06:41 +0800 Subject: check return value of functions that call BIO_new() Reviewed-by: Todd Short Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17850) --- fuzz/client.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/fuzz/client.c b/fuzz/client.c index 698ff0f669..1f8933eb22 100644 --- a/fuzz/client.c +++ b/fuzz/client.c @@ -55,7 +55,7 @@ int FuzzerInitialize(int *argc, char ***argv) int FuzzerTestOneInput(const uint8_t *buf, size_t len) { - SSL *client; + SSL *client = NULL; BIO *in; BIO *out; SSL_CTX *ctx; @@ -65,13 +65,23 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) /* This only fuzzes the initial flow from the client so far. */ ctx = SSL_CTX_new(SSLv23_method()); + if (ctx == NULL) + goto end; client = SSL_new(ctx); + if (client == NULL) + goto end; OPENSSL_assert(SSL_set_min_proto_version(client, 0) == 1); OPENSSL_assert(SSL_set_cipher_list(client, "ALL:eNULL:@SECLEVEL=0") == 1); SSL_set_tlsext_host_name(client, "localhost"); in = BIO_new(BIO_s_mem()); + if (in == NULL) + goto end; out = BIO_new(BIO_s_mem()); + if (out == NULL) { + BIO_free(in); + goto end; + } SSL_set_bio(client, in, out); SSL_set_connect_state(client); OPENSSL_assert((size_t)BIO_write(in, buf, len) == len); @@ -84,6 +94,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) } } } + end: SSL_free(client); ERR_clear_error(); SSL_CTX_free(ctx); -- cgit v1.2.3