Check the return from OPENSSL_buf2hexstr()
The function OPENSSL_buf2hexstr() can return NULL if it fails to allocate
memory so the callers should check its return value.
Fixes #10525
Reported-by: Ziyang Li (@Liby99)
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10526)
diff --git a/apps/kdf.c b/apps/kdf.c
index 66e7e7a..82818f1 100644
--- a/apps/kdf.c
+++ b/apps/kdf.c
@@ -138,6 +138,10 @@
BIO_write(out, dkm_bytes, dkm_len);
} else {
hexout = OPENSSL_buf2hexstr(dkm_bytes, dkm_len);
+ if (hexout == NULL) {
+ BIO_printf(bio_err, "Memory allocation failure\n");
+ goto err;
+ }
BIO_printf(out, "%s\n\n", hexout);
}
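Review bot: In the new `hexout == NULL` branch, `goto err` is only correct if `ret` still holds a failure value at that point, and this hunk does not show where `ret` is set to success. If that assignment happens before the output block, this path would print "Memory allocation failure" to `bio_err` and still exit with status 0, so an explicit failure assignment would be needed just before the `goto err`. Please also confirm that the `err:` label releases `dkm_bytes`, since this jump skips the rest of the output path. The commit message says "callers" in the plural, but only the call in apps/kdf.c appears in this diff; any other call sites of OPENSSL_buf2hexstr() need the same check.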