From: Matt Caswell Date: Sat, 9 May 2015 05:51:25 +0000 (+0800) Subject: Check sk_SSL_CIPHER_new_null return value X-Git-Tag: OpenSSL_1_1_0-pre1~1173 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=14def5f5375594830597cc153e11c6017f6adddf;p=oweals%2Fopenssl.git Check sk_SSL_CIPHER_new_null return value If sk_SSL_CIPHER_new_null() returns NULL then ssl_bytes_to_cipher_list() should also return NULL. Based on an original patch by mrpre . Reviewed-by: Rich Salz --- diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 0a2c04e741..8f74ef10b4 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1483,9 +1483,13 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); return (NULL); } - if ((skp == NULL) || (*skp == NULL)) + if ((skp == NULL) || (*skp == NULL)) { sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */ - else { + if(sk == NULL) { + SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE); + return NULL; + } + } else { sk = *skp; sk_SSL_CIPHER_zero(sk); }