Skip to content

O
openssl

btwise / openssl

通知 1
Star 0
Fork 0
O
openssl

体验新版 GitCode,发现更多精彩内容 >>

提交 366a1626 编写于 作者: J Jiasheng Jiang 提交者: Tomas Mraz
浏览文件
操作

crypto/x509/v3_utl.c: Add missing check for OPENSSL_strndup 

Since the potential failure of memory allocation, it
should be better to check the return value of the
OPENSSL_strndup(), like x509v3_add_len_value().
And following the comment of 'if (astrlen < 0)',
return -1 if fails.
Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NPaul Dale <pauli@openssl.org>
Reviewed-by: NTomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17737)
上级 885d97fb
隐藏空白更改
内联 并排
Showing with 10 addition and 2 deletion
crypto/x509/v3_utl.c
浏览文件 @ 366a1626
......@@ -833,8 +833,11 @@ static int do_check_string(const ASN1_STRING *a, int cmp_type, equal_fn equal,
rv = equal(a->data, a->length, (unsigned char *)b, blen, flags);
else if (a->length == (int)blen && !memcmp(a->data, b, blen))
rv = 1;
if (rv > 0 && peername)
if (rv > 0 && peername != NULL) {
*peername = OPENSSL_strndup((char *)a->data, a->length);
if (*peername == NULL)
return -1;
}
} else {
int astrlen;
unsigned char *astr;
......@@ -847,8 +850,13 @@ static int do_check_string(const ASN1_STRING *a, int cmp_type, equal_fn equal,
return -1;
}
rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
if (rv > 0 && peername)
if (rv > 0 && peername != NULL) {
*peername = OPENSSL_strndup((char *)astr, astrlen);
if (*peername == NULL) {
OPENSSL_free(astr);
return -1;
}
}
OPENSSL_free(astr);
}
return rv;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册