The branch master has been updated via 09030ee73693411c19b596cb0e0f43eb512ac0e6 (commit) from 29af9fba64fd3e4e086808f2360501b463627ea2 (commit)
- Log ----------------------------------------------------------------- commit 09030ee73693411c19b596cb0e0f43eb512ac0e6 Author: Jiasheng Jiang <jiash...@iscas.ac.cn> Date: Sat Feb 5 19:31:11 2022 +0800 Add the check after calling OPENSSL_strdup Since the potential failure of the memory allocation, the OPENSSL_strdup() could return NULL pointer. Therefore, it should be better to check it in order to guarantee the success of the configuration, same as the check for SSL_CTX_set_srp_username(). Signed-off-by: Jiasheng Jiang <jiash...@iscas.ac.cn> Reviewed-by: Matt Caswell <m...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> Reviewed-by: Paul Dale <pa...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17643) ----------------------------------------------------------------------- Summary of changes: test/helpers/handshake_srp.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+)
diff --git a/test/helpers/handshake_srp.c b/test/helpers/handshake_srp.c
index f18e5c81a6..11825d1dca 100644
--- a/test/helpers/handshake_srp.c
+++ b/test/helpers/handshake_srp.c
@@ -49,6 +49,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
 SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb);
 server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user);
 server_ctx_data->srp_password = OPENSSL_strdup(extra->server.srp_password);
+ if (server_ctx_data->srp_user == NULL || server_ctx_data->srp_password == NULL) {
+ OPENSSL_free(server_ctx_data->srp_user);
+ OPENSSL_free(server_ctx_data->srp_password);
+ server_ctx_data->srp_user = NULL;
+ server_ctx_data->srp_password = NULL;
+ return 0;
+ }
 SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data);
 }
 if (extra->server2.srp_user != NULL) {
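Review bot: The added NULL check in the server branch returns 0 silently, and it cannot distinguish an allocation failure from a password that was never configured. The branch is entered on `extra->server.srp_user != NULL` alone, and as far as I know OPENSSL_strdup() returns NULL for a NULL argument, so a configuration with a user but no password would now fail here with nothing in the test log. If the test framework's `TEST_ptr` macro is in scope in this file, `if (!TEST_ptr(server_ctx_data->srp_user) || !TEST_ptr(server_ctx_data->srp_password)) {` would report which pointer was NULL. The same applies to the server2 hunk and to the client hunk's `if (client_ctx_data->srp_password == NULL)`. The function starts and ends outside this hunk, so how callers react to the 0 return is not visible here.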
@@ -57,6 +64,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
 SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb);
 server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user);
 server2_ctx_data->srp_password = OPENSSL_strdup(extra->server2.srp_password);
+ if (server2_ctx_data->srp_user == NULL || server2_ctx_data->srp_password == NULL) {
+ OPENSSL_free(server2_ctx_data->srp_user);
+ OPENSSL_free(server2_ctx_data->srp_password);
+ server2_ctx_data->srp_user = NULL;
+ server2_ctx_data->srp_password = NULL;
+ return 0;
+ }
 SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data);
 }
 if (extra->client.srp_user != NULL) {
@@ -65,6 +79,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
 return 0;
 SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);
 client_ctx_data->srp_password = OPENSSL_strdup(extra->client.srp_password);
+ if (client_ctx_data->srp_password == NULL)
+ return 0;
 SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
 }
 return 1;