From f4e8c406bbb279eb8d96576475c808c2c769c687 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 8 Mar 2009 22:56:55 +0000 Subject: [PATCH] - Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the allocation of the memory BIO was not being properly checked. --- CHANGES | 3 +++ RELEASE-NOTES | 1 + lib/ssluse.c | 3 +++ 3 files changed, 7 insertions(+) diff --git a/CHANGES b/CHANGES index fef130a056..f6bfb7988e 100644 --- a/CHANGES +++ b/CHANGES @@ -7,6 +7,9 @@ Changelog Daniel Stenberg (8 Mar 2009) +- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the + allocation of the memory BIO was not being properly checked. + - Andre Guibert de Bruet fixed the gnutls-using code: There are a few places in the gnutls code where we were checking for negative values for errors, when the man pages state that GNUTLS_E_SUCCESS is returned on success and diff --git a/RELEASE-NOTES b/RELEASE-NOTES index f0fbefacd5..3dbc5bece8 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -16,6 +16,7 @@ This release includes the following bugfixes: o NTLM authentication memory leak on SSPI enabled Windows builds o fixed the GnuTLS-using code to do correct return code checks + o an alloc-related call in the OpenSSL-using code didn't check the return value This release includes the following known bugs: diff --git a/lib/ssluse.c b/lib/ssluse.c index cb2a2163d8..eb645d5e7e 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -565,6 +565,9 @@ static int x509_name_oneline(X509_NAME *a, char *buf, size_t size) BUF_MEM *biomem; int rc; + if(!bio_out) + return 1; /* alloc failed! */ + rc = X509_NAME_print_ex(bio_out, a, 0, XN_FLAG_SEP_CPLUS_SPC); BIO_get_mem_ptr(bio_out, &biomem);