QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-05-16 11:29:42 +00:00
Code Issues Projects Releases Wiki Activity

Don't leak memory if realloc fails.

Browse Source 
RT#4403

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2016-05-11 21:14:57 +01:00
parent 3dfcb6a0ec
commit 7c0ef84318
5 changed files with 27 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
apps/apps.c
View File

@ -176,8 +176,6 @@ int chopup_args(ARGS *arg, char *buf)
if (arg->size == 0) { if (arg->size == 0) {
arg->size = 20; arg->size = 20;
arg->argv = app_malloc(sizeof(*arg->argv) * arg->size, "argv space"); arg->argv = app_malloc(sizeof(*arg->argv) * arg->size, "argv space");
if (arg->argv == NULL)
return 0;
} }
for (p = buf;;) { for (p = buf;;) {
@ -189,11 +187,12 @@ int chopup_args(ARGS *arg, char *buf)
/* The start of something good :-) */ /* The start of something good :-) */
if (arg->argc >= arg->size) { if (arg->argc >= arg->size) {
char **tmp;
arg->size += 20; arg->size += 20;
arg->argv = OPENSSL_realloc(arg->argv, tmp = OPENSSL_realloc(arg->argv, sizeof(*arg->argv) * arg->size);
sizeof(*arg->argv) * arg->size); if (tmp == NULL)
if (arg->argv == NULL)
return 0; return 0;
arg->argv = tmp;
} }
quoted = *p == '\'' || *p == '"'; quoted = *p == '\'' || *p == '"';
if (quoted) if (quoted)

12
apps/engine.c
View File

@ -107,13 +107,17 @@ static int append_buf(char **buf, int *size, const char *s)
} }
if (strlen(*buf) + strlen(s) >= (unsigned int)*size) { if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
char *tmp;
*size += 256; *size += 256;
*buf = OPENSSL_realloc(*buf, *size); tmp = OPENSSL_realloc(*buf, *size);
if (tmp == NULL) {
OPENSSL_free(*buf);
*buf = NULL;
return 0;
}
*buf = tmp;
} }
if (*buf == NULL)
return 0;
if (**buf != '\0') if (**buf != '\0')
OPENSSL_strlcat(*buf, ", ", *size); OPENSSL_strlcat(*buf, ", ", *size);
OPENSSL_strlcat(*buf, s, *size); OPENSSL_strlcat(*buf, s, *size);

6
crypto/modes/ocb128.c
View File

@ -147,6 +147,7 @@ static OCB_BLOCK *ocb_lookup_l(OCB128_CONTEXT *ctx, size_t idx)
/* We don't have it - so calculate it */ /* We don't have it - so calculate it */
if (idx >= ctx->max_l_index) { if (idx >= ctx->max_l_index) {
void *tmp_ptr;
/* /*
* Each additional entry allows to process almost double as * Each additional entry allows to process almost double as
* much data, so that in linear world the table will need to * much data, so that in linear world the table will need to
@ -157,10 +158,11 @@ static OCB_BLOCK *ocb_lookup_l(OCB128_CONTEXT *ctx, size_t idx)
* the index. * the index.
*/ */
ctx->max_l_index += (idx - ctx->max_l_index + 4) & ~3; ctx->max_l_index += (idx - ctx->max_l_index + 4) & ~3;
ctx->l = tmp_ptr =
OPENSSL_realloc(ctx->l, ctx->max_l_index * sizeof(OCB_BLOCK)); OPENSSL_realloc(ctx->l, ctx->max_l_index * sizeof(OCB_BLOCK));
if (ctx->l == NULL) if (tmp_ptr == NULL) /* prevent ctx->l from being clobbered */
return NULL; return NULL;
ctx->l = tmp_ptr;
} }
while (l_index < idx) { while (l_index < idx) {
ocb_double(ctx->l + l_index, ctx->l + l_index + 1); ocb_double(ctx->l + l_index, ctx->l + l_index + 1);

6
ssl/ssl_rsa.c
View File

@ -940,6 +940,7 @@ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
{ {
unsigned char *serverinfo = NULL; unsigned char *serverinfo = NULL;
unsigned char *tmp;
size_t serverinfo_length = 0; size_t serverinfo_length = 0;
unsigned char *extension = 0; unsigned char *extension = 0;
long extension_length = 0; long extension_length = 0;
@ -999,12 +1000,13 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
goto end; goto end;
} }
/* Append the decoded extension to the serverinfo buffer */ /* Append the decoded extension to the serverinfo buffer */
serverinfo = tmp =
OPENSSL_realloc(serverinfo, serverinfo_length + extension_length); OPENSSL_realloc(serverinfo, serverinfo_length + extension_length);
if (serverinfo == NULL) { if (tmp == NULL) {
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE); SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
goto end; goto end;
} }
serverinfo = tmp;
memcpy(serverinfo + serverinfo_length, extension, extension_length); memcpy(serverinfo + serverinfo_length, extension, extension_length);
serverinfo_length += extension_length; serverinfo_length += extension_length;

12
ssl/t1_ext.c
View File

@ -205,7 +205,7 @@ static int custom_ext_meth_add(custom_ext_methods *exts,
void *add_arg, void *add_arg,
custom_ext_parse_cb parse_cb, void *parse_arg) custom_ext_parse_cb parse_cb, void *parse_arg)
{ {
custom_ext_method *meth; custom_ext_method *meth, *tmp;
/* /*
* Check application error: if add_cb is not set free_cb will never be * Check application error: if add_cb is not set free_cb will never be
* called. * called.
@ -225,15 +225,17 @@ static int custom_ext_meth_add(custom_ext_methods *exts,
/* Search for duplicate */ /* Search for duplicate */
if (custom_ext_find(exts, ext_type)) if (custom_ext_find(exts, ext_type))
return 0; return 0;
exts->meths = OPENSSL_realloc(exts->meths, tmp = OPENSSL_realloc(exts->meths,
(exts->meths_count + (exts->meths_count + 1) * sizeof(custom_ext_method));
1) * sizeof(custom_ext_method));
if (!exts->meths) { if (tmp == NULL) {
OPENSSL_free(exts->meths);
exts->meths = NULL;
exts->meths_count = 0; exts->meths_count = 0;
return 0; return 0;
} }
exts->meths = tmp;
meth = exts->meths + exts->meths_count; meth = exts->meths + exts->meths_count;
memset(meth, 0, sizeof(*meth)); memset(meth, 0, sizeof(*meth));
meth->parse_cb = parse_cb; meth->parse_cb = parse_cb;