The branch master has been updated
       via  41bff723c6784cc846054a4fd4add6dbec8c2c64 (commit)
      from  af58be768ebb690f78530f796e92b8ae5c9a4401 (commit)


- Log -----------------------------------------------------------------
commit 41bff723c6784cc846054a4fd4add6dbec8c2c64
Author: Matt Caswell <m...@openssl.org>
Date:   Wed Sep 21 15:49:28 2016 +0100

    Don't leak on an OPENSSL_realloc() failure
    
    If OPENSSL_sk_insert() calls OPENSSL_realloc() and it fails, it was leaking
    the originally allocated memory.
    
    Reviewed-by: Rich Salz <rs...@openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/stack/stack.c | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
index 1d01936..43ddf30 100644
--- a/crypto/stack/stack.c
+++ b/crypto/stack/stack.c
@@ -126,6 +126,7 @@ int OPENSSL_sk_insert(OPENSSL_STACK *st, const void *data, 
int loc)
 
     if (st->num_alloc <= (size_t)(st->num + 1)) {
         size_t doub_num_alloc = st->num_alloc * 2;
+        const char **tmpdata;
 
         /* Overflow checks */
         if (doub_num_alloc < st->num_alloc)
@@ -135,17 +136,12 @@ int OPENSSL_sk_insert(OPENSSL_STACK *st, const void 
*data, int loc)
         if (doub_num_alloc > SIZE_MAX / sizeof(char *))
             return 0;
 
-        st->data = OPENSSL_realloc((char *)st->data,
-                                   sizeof(char *) * doub_num_alloc);
-        if (st->data == NULL) {
-            /*
-             * Reset these counters to prevent subsequent operations on
-             * (now non-existing) heap memory
-             */
-            st->num_alloc = 0;
-            st->num = 0;
+        tmpdata = OPENSSL_realloc((char *)st->data,
+                                  sizeof(char *) * doub_num_alloc);
+        if (tmpdata == NULL)
             return 0;
-        }
+
+        st->data = tmpdata;
         st->num_alloc = doub_num_alloc;
     }
     if ((loc >= st->num) || (loc < 0)) {
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

Reply via email to