SSL_set_session: check for NULL after allocating s->kssl_ctx->client_princ

Signed-off-by: N Kurt Roeckx <kurt@roeckx.be> Reviewed-by: N Matt Caswell <matt@openssl.org>

SSL_set_session: check for NULL after allocating s->kssl_ctx->client_princ
Signed-off-by: N Kurt Roeckx <kurt@roeckx.be> Reviewed-by: N Matt Caswell <matt@openssl.org>
fed5b552 · Jonas Maebe · Kurt Roeckx · e9e688ef · fed5b552
隐藏空白更改
内联并排

Showing with 5 addition and 0 deletion

ssl/ssl_sess.c ssl/ssl_sess.c +5 -0

未找到文件。
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -792,6 +792,11 @@ int SSL_set_session(SSL *s, SSL_SESSION *session)
                    session->krb5_client_princ_len > 0)
                {
                    s->kssl_ctx->client_princ = (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1);
+                    if (s->kssl_ctx->client_princ == NULL)
+                    {
+                        SSLerr(SSL_F_SSL_SET_SESSION, ERR_R_MALLOC_FAILURE);
+                        return(0);
+                    }
                    memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ,
                            session->krb5_client_princ_len);
                    s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';