diff options
| author | FdaSilvaYY <fdasilvayy@gmail.com> | 2016-06-04 00:15:19 +0200 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-06-23 14:03:29 +0100 |
| commit | 3c82e437bb3af822ea13cd5a24bab0745c556246 (patch) | |
| tree | fd9f622667bf9080451b96bc82e3715d23c31daa /ssl/ssl_cert.c | |
| parent | 687b48685931638ca5fca2a7d5e13516ad40ea4b (diff) | |
| download | openssl-3c82e437bb3af822ea13cd5a24bab0745c556246.zip openssl-3c82e437bb3af822ea13cd5a24bab0745c556246.tar.gz openssl-3c82e437bb3af822ea13cd5a24bab0745c556246.tar.bz2 | |
Add checks on sk_TYPE_push() returned result
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'ssl/ssl_cert.c')
| -rw-r--r-- | ssl/ssl_cert.c | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index d668afa..c6e2d09 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -470,11 +470,16 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk) X509_NAME *name; ret = sk_X509_NAME_new_null(); + if (ret == NULL) { + SSLerr(SSL_F_SSL_DUP_CA_LIST, ERR_R_MALLOC_FAILURE); + return NULL; + } for (i = 0; i < sk_X509_NAME_num(sk); i++) { name = X509_NAME_dup(sk_X509_NAME_value(sk, i)); - if ((name == NULL) || !sk_X509_NAME_push(ret, name)) { + if (name == NULL || !sk_X509_NAME_push(ret, name)) { sk_X509_NAME_pop_free(ret, X509_NAME_free); - return (NULL); + X509_NAME_free(name); + return NULL; } } return (ret); @@ -598,14 +603,18 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) if (lh_X509_NAME_retrieve(name_hash, xn) != NULL) { /* Duplicate. */ X509_NAME_free(xn); + xn = NULL; } else { - lh_X509_NAME_insert(name_hash, xn); - sk_X509_NAME_push(ret, xn); + if (!lh_X509_NAME_insert(name_hash, xn)) + goto err; + if (!sk_X509_NAME_push(ret, xn)) + goto err; } } goto done; err: + X509_NAME_free(xn); sk_X509_NAME_pop_free(ret, X509_NAME_free); ret = NULL; done: @@ -656,17 +665,20 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, xn = X509_NAME_dup(xn); if (xn == NULL) goto err; - if (sk_X509_NAME_find(stack, xn) >= 0) + if (sk_X509_NAME_find(stack, xn) >= 0) { + /* Duplicate. */ X509_NAME_free(xn); - else - sk_X509_NAME_push(stack, xn); + } else if (!sk_X509_NAME_push(stack, xn)) { + X509_NAME_free(xn); + goto err; + } } ERR_clear_error(); goto done; err: - ret = 0; + ret = 0; done: BIO_free(in); X509_free(x); |