Add checks on sk_TYPE_push() returned result Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>

commit: 3c82e437bb3af822ea13cd5a24bab0745c556246 [log] [tgz]
author: FdaSilvaYY <fdasilvayy@gmail.com> Sat Jun 04 00:15:19 2016 +0200
committer: Matt Caswell <matt@openssl.org> Thu Jun 23 14:03:29 2016 +0100
tree: fd9f622667bf9080451b96bc82e3715d23c31daa
parent: 687b48685931638ca5fca2a7d5e13516ad40ea4b [diff] [blame]
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 44dac24..bd831bc 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c

@@ -3410,10 +3410,15 @@
         /* A Thawte special :-) */
     case SSL_CTRL_EXTRA_CHAIN_CERT:
         if (ctx->extra_certs == NULL) {
-            if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
-                return (0);
+            if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
+                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
         }
-        sk_X509_push(ctx->extra_certs, (X509 *)parg);
+        if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
+            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
         break;
 
     case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
commit	3c82e437bb3af822ea13cd5a24bab0745c556246	[log] [tgz]
author	FdaSilvaYY <fdasilvayy@gmail.com>	Sat Jun 04 00:15:19 2016 +0200
committer	Matt Caswell <matt@openssl.org>	Thu Jun 23 14:03:29 2016 +0100
tree	fd9f622667bf9080451b96bc82e3715d23c31daa
parent	687b48685931638ca5fca2a7d5e13516ad40ea4b [diff] [blame]