summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authortedu <>2014-04-23 20:21:23 +0000
committertedu <>2014-04-23 20:21:23 +0000
commite3592fe2c0916765b0df5ec949819542f3898a70 (patch)
treec60d3b7cdc7d864e38819ddef5540c4964e6010f /src/lib
parent856c714a6ff8b0f85adf73bdb99087dcb8d70417 (diff)
downloadopenbsd-e3592fe2c0916765b0df5ec949819542f3898a70.tar.gz
openbsd-e3592fe2c0916765b0df5ec949819542f3898a70.tar.bz2
openbsd-e3592fe2c0916765b0df5ec949819542f3898a70.zip
if realloc failed, BIO_accept would leak memory and return NULL, causing
caller to crash. Fix leak and return an error instead. from Chad Loder
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/bio/b_sock.c13
-rw-r--r--src/lib/libssl/src/crypto/bio/b_sock.c13
2 files changed, 22 insertions, 4 deletions
diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c
index a6dd43f397..a7791b39e2 100644
--- a/src/lib/libcrypto/bio/b_sock.c
+++ b/src/lib/libcrypto/bio/b_sock.c
@@ -449,7 +449,7 @@ BIO_accept(int sock, char **addr)
449 int ret = -1; 449 int ret = -1;
450 unsigned long l; 450 unsigned long l;
451 unsigned short port; 451 unsigned short port;
452 char *p; 452 char *p, *tmp;
453 453
454 struct { 454 struct {
455 /* 455 /*
@@ -534,11 +534,19 @@ BIO_accept(int sock, char **addr)
534 p = *addr; 534 p = *addr;
535 if (p) { 535 if (p) {
536 *p = '\0'; 536 *p = '\0';
537 p = realloc(p, nl); 537 if (!(tmp = realloc(p, nl))) {
538 ret = -1;
539 free(p);
540 *addr = NULL;
541 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
542 goto end;
543 }
544 p = tmp;
538 } else { 545 } else {
539 p = malloc(nl); 546 p = malloc(nl);
540 } 547 }
541 if (p == NULL) { 548 if (p == NULL) {
549 ret = -1;
542 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE); 550 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
543 goto end; 551 goto end;
544 } 552 }
@@ -553,6 +561,7 @@ BIO_accept(int sock, char **addr)
553 port = ntohs(sa.from.sa_in.sin_port); 561 port = ntohs(sa.from.sa_in.sin_port);
554 if (*addr == NULL) { 562 if (*addr == NULL) {
555 if ((p = malloc(24)) == NULL) { 563 if ((p = malloc(24)) == NULL) {
564 ret = -1;
556 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE); 565 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
557 goto end; 566 goto end;
558 } 567 }
diff --git a/src/lib/libssl/src/crypto/bio/b_sock.c b/src/lib/libssl/src/crypto/bio/b_sock.c
index a6dd43f397..a7791b39e2 100644
--- a/src/lib/libssl/src/crypto/bio/b_sock.c
+++ b/src/lib/libssl/src/crypto/bio/b_sock.c
@@ -449,7 +449,7 @@ BIO_accept(int sock, char **addr)
449 int ret = -1; 449 int ret = -1;
450 unsigned long l; 450 unsigned long l;
451 unsigned short port; 451 unsigned short port;
452 char *p; 452 char *p, *tmp;
453 453
454 struct { 454 struct {
455 /* 455 /*
@@ -534,11 +534,19 @@ BIO_accept(int sock, char **addr)
534 p = *addr; 534 p = *addr;
535 if (p) { 535 if (p) {
536 *p = '\0'; 536 *p = '\0';
537 p = realloc(p, nl); 537 if (!(tmp = realloc(p, nl))) {
538 ret = -1;
539 free(p);
540 *addr = NULL;
541 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
542 goto end;
543 }
544 p = tmp;
538 } else { 545 } else {
539 p = malloc(nl); 546 p = malloc(nl);
540 } 547 }
541 if (p == NULL) { 548 if (p == NULL) {
549 ret = -1;
542 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE); 550 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
543 goto end; 551 goto end;
544 } 552 }
@@ -553,6 +561,7 @@ BIO_accept(int sock, char **addr)
553 port = ntohs(sa.from.sa_in.sin_port); 561 port = ntohs(sa.from.sa_in.sin_port);
554 if (*addr == NULL) { 562 if (*addr == NULL) {
555 if ((p = malloc(24)) == NULL) { 563 if ((p = malloc(24)) == NULL) {
564 ret = -1;
556 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE); 565 BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
557 goto end; 566 goto end;
558 } 567 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-24 08:04:36 +0000