[Bug 65717] New: Missing check for the return value of BIO_new()

bugzilla Wed, 01 Dec 2021 06:54:59 -0800

https://bz.apache.org/bugzilla/show_bug.cgi?id=65717


            Bug ID: 65717
           Summary: Missing check for the return value of BIO_new()
           Product: Apache httpd-2
           Version: 2.5-HEAD
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
          Assignee: bugs@httpd.apache.org
          Reporter: xkernel.w...@foxmail.com
  Target Milestone: ---

Missing a check for the return value of BIO_new() in
https://github.com/apache/httpd/blob/d002199454f8bc841509cdffad1c695eeae2ca7e/modules/ssl/ssl_engine_vars.c#L1159
which may further result in wrong memory access when an internal memory error
happens in BIO_new().
This bug is at least from 2.4.51 in
httpd-2.4.51/modules/ssl/ssl_engine_vars.c:1086:24.

Similarly, there are several missing checks for BIO_new() in
https://github.com/apache/httpd/blob/4d8f1f96b6e6e47a822a8e0d4c3f59d76b38ee87/modules/ssl/ssl_engine_io.c#L2290
& 2292 & 2325 & 2327. And in 2.4.51, they are located in
httpd-2.4.51/modules/ssl/ssl_engine_io.c:2193 & 2195 & 2228 & 2230,
respectively. 

Once BIO_new() returns NULL, these places will make wrong memory access and
even result in corruption if lack of a valid check for BIO_new().

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 65717] New: Missing check for the return value of BIO_new()

Reply via email to