Fix err checking and mem leaks of BIO_set_conn_port and BIO_set_conn_address

Reviewed-by: N Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: N Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11986)

Fix err checking and mem leaks of BIO_set_conn_port and BIO_set_conn_address
Reviewed-by: N Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: N Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11986)
c0fff24e · Dr. David von Oheimb · 9ac916c7 · c0fff24e
隐藏空白更改
内联并排

Showing with 18 addition and 7 deletion

crypto/bio/bss_conn.c crypto/bio/bss_conn.c +18 -7

未找到文件。
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -438,12 +438,13 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
    case BIO_C_SET_CONNECT:
        if (ptr != NULL) {
            b->init = 1;
-            if (num == 0) {
+            if (num == 0) { /* BIO_set_conn_hostname */
                char *hold_service = data->param_service;
                /* We affect the hostname regardless.  However, the input
                 * string might contain a host:service spec, so we must
                 * parse it, which might or might not affect the service
                 */
+
                OPENSSL_free(data->param_hostname);
                data->param_hostname = NULL;
                ret = BIO_parse_hostserv(ptr,
@@ -452,19 +453,29 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
                                         BIO_PARSE_PRIO_HOST);
                if (hold_service != data->param_service)
                    OPENSSL_free(hold_service);
-            } else if (num == 1) {
+            } else if (num == 1) { /* BIO_set_conn_port */
                OPENSSL_free(data->param_service);
-                data->param_service = OPENSSL_strdup(ptr);
-            } else if (num == 2) {
+                if ((data->param_service = OPENSSL_strdup(ptr)) == NULL)
+                    ret = 0;
+            } else if (num == 2) { /* BIO_set_conn_address */
                const BIO_ADDR *addr = (const BIO_ADDR *)ptr;
+                char *host = BIO_ADDR_hostname_string(addr, 1);
+                char *service = BIO_ADDR_service_string(addr, 1);
+
+                ret = host != NULL && service != NULL;
                if (ret) {
-                    data->param_hostname = BIO_ADDR_hostname_string(addr, 1);
-                    data->param_service = BIO_ADDR_service_string(addr, 1);
+                    OPENSSL_free(data->param_hostname);
+                    data->param_hostname = host;
+                    OPENSSL_free(data->param_service);
+                    data->param_service = service;
                    BIO_ADDRINFO_free(data->addr_first);
                    data->addr_first = NULL;
                    data->addr_iter = NULL;
+                } else {
+                    OPENSSL_free(host);
+                    OPENSSL_free(service);
                }
-            } else if (num == 3) {
+            } else if (num == 3) { /* BIO_set_conn_ip_family */
                data->connect_family = *(int *)ptr;
            } else {
                ret = 0;