The branch openssl-3.0 has been updated via 3948abaf4458aac66bf47546874d0fb5a73a78a0 (commit) from 88177b8092fb592508bb3798a05025c8bf341cc3 (commit)
- Log ----------------------------------------------------------------- commit 3948abaf4458aac66bf47546874d0fb5a73a78a0 Author: Jiasheng Jiang <jiash...@iscas.ac.cn> Date: Mon Feb 7 19:13:43 2022 +0800 dh_exch.c: Add check for OPENSSL_strdup Since the OPENSSL_strdup() may return NULL if allocation fails, it should be better to check the return value. Signed-off-by: Jiasheng Jiang <jiash...@iscas.ac.cn> Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17651) (cherry picked from commit c920020f0bb13f0d2bf0fcad5c7ee63458b633b4) ----------------------------------------------------------------------- Summary of changes: providers/implementations/exchange/dh_exch.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c index cd92f26957..3cfb580687 100644 --- a/providers/implementations/exchange/dh_exch.c +++ b/providers/implementations/exchange/dh_exch.c @@ -292,7 +292,12 @@ static void *dh_dupctx(void *vpdhctx) if (dstctx->kdf_ukm == NULL) goto err; } - dstctx->kdf_cekalg = OPENSSL_strdup(srcctx->kdf_cekalg); + + if (srcctx->kdf_cekalg != NULL) { + dstctx->kdf_cekalg = OPENSSL_strdup(srcctx->kdf_cekalg); + if (dstctx->kdf_cekalg == NULL) + goto err; + } return dstctx; err: @@ -389,9 +394,16 @@ static int dh_set_ctx_params(void *vpdhctx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_CEK_ALG); if (p != NULL) { str = name; - if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name))) - return 0; - pdhctx->kdf_cekalg = OPENSSL_strdup(name); + + OPENSSL_free(pdhctx->kdf_cekalg); + pdhctx->kdf_cekalg = NULL; + if (p->data != NULL && p->data_size != 0) { + if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name))) + return 0; + pdhctx->kdf_cekalg = OPENSSL_strdup(name); + if (pdhctx->kdf_cekalg == NULL) + return 0; + } } return 1; }