From 37be6feeebfec87733e5cb4762fc12bebba9f124 Mon Sep 17 00:00:00 2001 From: xkernel Date: Mon, 21 Feb 2022 15:17:46 +0800 Subject: check the return value of CRYPTO_strdup() Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17741) --- apps/req.c | 7 +++++++ apps/s_client.c | 5 +++-- 2 files changed, 10 insertions(+), 2 deletions(-) (limited to 'apps') diff --git a/apps/req.c b/apps/req.c index 45de46d393..76b337f6bc 100644 --- a/apps/req.c +++ b/apps/req.c @@ -1588,6 +1588,13 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, *pkeytype = OPENSSL_strndup(keytype, keytypelen); else *pkeytype = OPENSSL_strdup(keytype); + + if (*pkeytype == NULL) { + BIO_printf(bio_err, "Out of memory\n"); + EVP_PKEY_free(param); + return NULL; + } + if (keylen >= 0) *pkeylen = keylen; diff --git a/apps/s_client.c b/apps/s_client.c index cbce988c97..208595613b 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -811,7 +811,7 @@ int s_client_main(int argc, char **argv) char *cert_file = NULL, *key_file = NULL, *chain_file = NULL; char *chCApath = NULL, *chCAfile = NULL, *chCAstore = NULL, *host = NULL; char *thost = NULL, *tport = NULL; - char *port = OPENSSL_strdup(PORT); + char *port = NULL; char *bindhost = NULL, *bindport = NULL; char *passarg = NULL, *pass = NULL; char *vfyCApath = NULL, *vfyCAfile = NULL, *vfyCAstore = NULL; @@ -914,10 +914,11 @@ int s_client_main(int argc, char **argv) c_debug = 0; c_showcerts = 0; c_nbio = 0; + port = OPENSSL_strdup(PORT); vpm = X509_VERIFY_PARAM_new(); cctx = SSL_CONF_CTX_new(); - if (vpm == NULL || cctx == NULL) { + if (port == NULL || vpm == NULL || cctx == NULL) { BIO_printf(bio_err, "%s: out of memory\n", opt_getprog()); goto end; } -- cgit v1.2.3