serverinfo_process_buffer: check result of realloc(ctx->cert->key->serverinfo) and don't leak memory if it fails Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org>
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 6f9337e..006c02e 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c
@@ -948,6 +948,8 @@ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, size_t serverinfo_length) { + unsigned char *new_serverinfo; + if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO,ERR_R_PASSED_NULL_PARAMETER); @@ -968,13 +970,14 @@ SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO,ERR_R_INTERNAL_ERROR); return 0; } - ctx->cert->key->serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo, + new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo, serverinfo_length); - if (ctx->cert->key->serverinfo == NULL) + if (new_serverinfo == NULL) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO,ERR_R_MALLOC_FAILURE); return 0; } + ctx->cert->key->serverinfo = new_serverinfo; memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length); ctx->cert->key->serverinfo_length = serverinfo_length;