Add the check after calling OPENSSL_strdup

Since the potential failure of the memory allocation, the OPENSSL_strdup() could return NULL pointer. Therefore, it should be better to check it in order to guarantee the success of the configuration, same as the check for SSL_CTX_set_srp_username(). Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17643)
author: Jiasheng Jiang <jiasheng@iscas.ac.cn> 2022-02-05 19:31:11 +0800
committer: Pauli <pauli@openssl.org> 2022-02-09 10:45:12 +1100
commit: 09030ee73693411c19b596cb0e0f43eb512ac0e6 (patch)
tree: 2fbe88bb3b2598ebf924ca236af0dde4e5138c08 /test/helpers
parent: 29af9fba64fd3e4e086808f2360501b463627ea2 (diff)
download: openssl-new-09030ee73693411c19b596cb0e0f43eb512ac0e6.tar.gz
1 files changed, 16 insertions, 0 deletions
diff --git a/test/helpers/handshake_srp.c b/test/helpers/handshake_srp.c
index f18e5c81a6..11825d1dca 100644
--- a/test/helpers/handshake_srp.c
+++ b/test/helpers/handshake_srp.c
@@ -49,6 +49,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
         SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb);
         server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user);
         server_ctx_data->srp_password = OPENSSL_strdup(extra->server.srp_password);
+        if (server_ctx_data->srp_user == NULL || server_ctx_data->srp_password == NULL) {
+            OPENSSL_free(server_ctx_data->srp_user);
+            OPENSSL_free(server_ctx_data->srp_password);
+            server_ctx_data->srp_user = NULL;
+            server_ctx_data->srp_password = NULL;
+            return 0;
+        }
         SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data);
     }
     if (extra->server2.srp_user != NULL) {
@@ -57,6 +64,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
         SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb);
         server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user);
         server2_ctx_data->srp_password = OPENSSL_strdup(extra->server2.srp_password);
+        if (server2_ctx_data->srp_user == NULL || server2_ctx_data->srp_password == NULL) {
+            OPENSSL_free(server2_ctx_data->srp_user);
+            OPENSSL_free(server2_ctx_data->srp_password);
+            server2_ctx_data->srp_user = NULL;
+            server2_ctx_data->srp_password = NULL;
+            return 0;
+        }
         SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data);
     }
     if (extra->client.srp_user != NULL) {
@@ -65,6 +79,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
             return 0;
         SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);
         client_ctx_data->srp_password = OPENSSL_strdup(extra->client.srp_password);
+        if (client_ctx_data->srp_password == NULL)
+            return 0;
         SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
     }
     return 1;
author	Jiasheng Jiang <jiasheng@iscas.ac.cn>	2022-02-05 19:31:11 +0800
committer	Pauli <pauli@openssl.org>	2022-02-09 10:45:12 +1100
commit	09030ee73693411c19b596cb0e0f43eb512ac0e6 (patch)
tree	2fbe88bb3b2598ebf924ca236af0dde4e5138c08 /test/helpers
parent	29af9fba64fd3e4e086808f2360501b463627ea2 (diff)
download	openssl-new-09030ee73693411c19b596cb0e0f43eb512ac0e6.tar.gz