mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

trace: fix out-of-bound memory access

Browse Source 
When OSSL_trace_get_category_num() is called with an unknown category
name, it returns -1. This case needs to be considered in order to
avoid out-of-bound memory access to the `trace_channels` array.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8552)
This commit is contained in:
Dr. Matthias St. Pierre 2019-03-21 00:56:36 +01:00
parent 0fda9f7c29
commit 6a411436a5
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/trace.c
View File

@ -431,7 +431,8 @@ int OSSL_trace_enabled(int category)
int ret = 0; int ret = 0;
#ifndef OPENSSL_NO_TRACE #ifndef OPENSSL_NO_TRACE
category = ossl_trace_get_category(category); category = ossl_trace_get_category(category);
ret = trace_channels[category].bio != NULL; if (category >= 0)
ret = trace_channels[category].bio != NULL;
#endif #endif
return ret; return ret;
} }
@ -443,6 +444,9 @@ BIO *OSSL_trace_begin(int category)
char *prefix = NULL; char *prefix = NULL;
category = ossl_trace_get_category(category); category = ossl_trace_get_category(category);
if (category < 0)
return NULL;
channel = trace_channels[category].bio; channel = trace_channels[category].bio;
prefix = trace_channels[category].prefix; prefix = trace_channels[category].prefix;