From 14def5f5375594830597cc153e11c6017f6adddf Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Sat, 9 May 2015 13:51:25 +0800 Subject: [PATCH] Check sk_SSL_CIPHER_new_null return value If sk_SSL_CIPHER_new_null() returns NULL then ssl_bytes_to_cipher_list() should also return NULL. Based on an original patch by mrpre . Reviewed-by: Rich Salz --- ssl/ssl_lib.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 0a2c04e741..8f74ef10b4 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1483,9 +1483,13 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); return (NULL); } - if ((skp == NULL) || (*skp == NULL)) + if ((skp == NULL) || (*skp == NULL)) { sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */ - else { + if(sk == NULL) { + SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE); + return NULL; + } + } else { sk = *skp; sk_SSL_CIPHER_zero(sk); } -- 2.25.1