check the return value of CRYPTO_strdup()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17741)
diff --git a/apps/req.c b/apps/req.c
index 45de46d..76b337f 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1588,6 +1588,13 @@
*pkeytype = OPENSSL_strndup(keytype, keytypelen);
else
*pkeytype = OPENSSL_strdup(keytype);
+
+ if (*pkeytype == NULL) {
+ BIO_printf(bio_err, "Out of memory\n");
+ EVP_PKEY_free(param);
+ return NULL;
+ }
+
if (keylen >= 0)
*pkeylen = keylen;
diff --git a/apps/s_client.c b/apps/s_client.c
index cbce988..2085956 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -811,7 +811,7 @@
char *cert_file = NULL, *key_file = NULL, *chain_file = NULL;
char *chCApath = NULL, *chCAfile = NULL, *chCAstore = NULL, *host = NULL;
char *thost = NULL, *tport = NULL;
- char *port = OPENSSL_strdup(PORT);
+ char *port = NULL;
char *bindhost = NULL, *bindport = NULL;
char *passarg = NULL, *pass = NULL;
char *vfyCApath = NULL, *vfyCAfile = NULL, *vfyCAstore = NULL;
@@ -914,10 +914,11 @@
c_debug = 0;
c_showcerts = 0;
c_nbio = 0;
+ port = OPENSSL_strdup(PORT);
vpm = X509_VERIFY_PARAM_new();
cctx = SSL_CONF_CTX_new();
- if (vpm == NULL || cctx == NULL) {
+ if (port == NULL || vpm == NULL || cctx == NULL) {
BIO_printf(bio_err, "%s: out of memory\n", opt_getprog());
goto end;
}