Add checks on CRYPTO_set_ex_data return value

Fix possible leak in danetest.c Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
2025-01-30 14:01:55 +08:00 · 2016-02-14 10:42:29 +01:00 · 2016-02-14 10:42:29 +01:00 · e5a5e3f3db
commit e5a5e3f3db
parent a98810bfac
3 changed files with 12 additions and 10 deletions
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@ -154,6 +154,7 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr,
 static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
 {
    dynamic_data_ctx *c = OPENSSL_zalloc(sizeof(*c));
+    int ret = 1;

    if (c == NULL) {
        ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
@ -173,9 +174,11 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
                                                       dynamic_ex_data_idx))
        == NULL) {
        /* Good, we're the first */
-        ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
-        *ctx = c;
-        c = NULL;
+        ret = ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
+        if (ret) {
+            *ctx = c;
+            c = NULL;
+        }
    }
    CRYPTO_THREAD_unlock(global_engine_lock);
    /*
@ -185,7 +188,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
    if (c)
        sk_OPENSSL_STRING_free(c->dirs);
    OPENSSL_free(c);
-    return 1;
+    return ret;
 }

 /*
--- a/test/danetest.c
+++ b/test/danetest.c
@ -74,7 +74,7 @@ static void print_errors(void)

 static int verify_chain(SSL *ssl, STACK_OF(X509) *chain)
 {
-    int ret;
+    int ret = -1;
    X509_STORE_CTX *store_ctx;
    SSL_CTX *ssl_ctx = SSL_get_SSL_CTX(ssl);
    X509_STORE *store = SSL_CTX_get_cert_store(ssl_ctx);
@ -85,8 +85,9 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain)
        return -1;

    if (!X509_STORE_CTX_init(store_ctx, store, cert, chain))
-        return 0;
-    X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, ssl);
+        goto end;
+    if (!X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, ssl))
+        goto end;

    X509_STORE_CTX_set_default(store_ctx,
            SSL_is_server(ssl) ? "ssl_client" : "ssl_server");
@ -101,6 +102,7 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain)

    SSL_set_verify_result(ssl, X509_STORE_CTX_get_error(store_ctx));
    X509_STORE_CTX_cleanup(store_ctx);
+end:
    X509_STORE_CTX_free(store_ctx);

    return (ret);
--- a/util/indent.pro
+++ b/util/indent.pro
@ -187,10 +187,7 @@
 -T CRYPTO_EX_DATA_FUNCS
 -T CRYPTO_EX_DATA_IMPL
 -T CRYPTO_EX_dup
-T CRYPTO_EX_dup
 -T CRYPTO_EX_free
-T CRYPTO_EX_free
-T CRYPTO_EX_new
 -T CRYPTO_EX_new
 -T CRYPTO_MEM_LEAK_CB
 -T CRYPTO_THREADID