projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d00b1d6)
ssl3_get_certificate_request: check for NULL after allocating s->cert->ctypes
authorJonas Maebe <jonas.maebe@elis.ugent.be>
Sun, 8 Dec 2013 22:30:09 +0000 (23:30 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Wed, 10 Dec 2014 17:35:17 +0000 (18:35 +0100)
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
ssl/s3_clnt.c patch | blob | history

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index c5f6ceb5c0dc2d080b4e4368cfeb2c842fd4ee48..e178fe12ad3971280577467f6365bfb7a6833b91 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -2145,6 +2145,11 @@ int ssl3_get_certificate_request(SSL *s)
                {
                /* If we exceed static buffer copy all to cert structure */
                s->cert->ctypes = OPENSSL_malloc(ctype_num);
+               if (s->cert->ctypes == NULL)
+                       {
+                       SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+                       goto err;
+                       }
                memcpy(s->cert->ctypes, p, ctype_num);
                s->cert->ctype_num = (size_t)ctype_num;
                ctype_num=SSL3_CT_NUMBER;
Unnamed repository; edit this file 'description' to name the repository.