提交 3b3ecce1 编写于 作者: K Kurt Roeckx 提交者: Matt Caswell

Set authkey to NULL and check malloc return value.

上级 00f3a236
...@@ -1381,7 +1381,7 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr) ...@@ -1381,7 +1381,7 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
bio_dgram_sctp_data *data = NULL; bio_dgram_sctp_data *data = NULL;
socklen_t sockopt_len = 0; socklen_t sockopt_len = 0;
struct sctp_authkeyid authkeyid; struct sctp_authkeyid authkeyid;
struct sctp_authkey *authkey; struct sctp_authkey *authkey = NULL;
data = (bio_dgram_sctp_data *)b->ptr; data = (bio_dgram_sctp_data *)b->ptr;
...@@ -1436,6 +1436,11 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr) ...@@ -1436,6 +1436,11 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
/* Add new key */ /* Add new key */
sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t); sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
authkey = OPENSSL_malloc(sockopt_len); authkey = OPENSSL_malloc(sockopt_len);
if (authkey == NULL)
{
ret = -1;
break;
}
memset(authkey, 0x00, sockopt_len); memset(authkey, 0x00, sockopt_len);
authkey->sca_keynumber = authkeyid.scact_keynumber + 1; authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
#ifndef __FreeBSD__ #ifndef __FreeBSD__
...@@ -1448,6 +1453,7 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr) ...@@ -1448,6 +1453,7 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey, sockopt_len); ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey, sockopt_len);
OPENSSL_free(authkey); OPENSSL_free(authkey);
authkey = NULL;
if (ret < 0) break; if (ret < 0) break;
/* Reset active key */ /* Reset active key */
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册