- Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket #47, found by Hugo Leisink)

2024-11-22 12:05:36 +01:00 · 2012-01-13 13:44:06 +00:00 · 2012-01-13 13:44:06 +00:00 · b15b851d6d
commit b15b851d6d
parent 8b21f7a55d
4 changed files with 13 additions and 1 deletions
--- a/5
+++ b/5
@ -1,5 +1,10 @@
 PolarSSL ChangeLog

+= Version Trunk
+Bugfix
+   * Check for failed malloc() in ssl_set_hostname() and x509_get_entries()
+     (Closes ticket #47, found by Hugo Leisink)
+
 = Version 1.1.0 released on 2011-12-22
 Features
   * Added ssl_session_reset() to allow better multi-connection pools of
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@ -562,7 +562,7 @@ int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
 * \param ssl      SSL context
 * \param hostname the server hostname
 *
- * \return         0 if successful
+ * \return         0 if successful or POLARSSL_ERR_SSL_MALLOC_FAILED
 */
 int ssl_set_hostname( ssl_context *ssl, const char *hostname );

--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -1913,6 +1913,9 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname )
    ssl->hostname_len = strlen( hostname );
    ssl->hostname = (unsigned char *) malloc( ssl->hostname_len + 1 );

+    if( ssl->hostname == NULL )
+        return( POLARSSL_ERR_SSL_MALLOC_FAILED );
+
    memcpy( ssl->hostname, (unsigned char *) hostname,
            ssl->hostname_len );
    
--- a/library/x509parse.c
+++ b/library/x509parse.c
@ -968,6 +968,10 @@ static int x509_get_entries( unsigned char **p,
        if ( *p < end )
        {
            cur_entry->next = malloc( sizeof( x509_crl_entry ) );
+
+            if( cur_entry->next == NULL )
+                return( POLARSSL_ERR_X509_MALLOC_FAILED );
+
            cur_entry = cur_entry->next;
            memset( cur_entry, 0, sizeof( x509_crl_entry ) );
        }