projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
tls1_heartbeat: check for NULL after allocating buf
[openssl.git] / ssl / t1_lib.c
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 891cd1fdddf7d52af3eac1c086771c270fb58df5..8d5fd12903c2b83c151c88f2ad88e105742bcf41 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -4003,6 +4003,11 @@ tls1_process_heartbeat(SSL *s)
                 * payload, plus padding
                 */
                buffer = OPENSSL_malloc(1 + 2 + payload + padding);
+               if (buffer == NULL)
+                       {
+                       SSLerr(SSL_F_TLS1_PROCESS_HEARTBEAT,ERR_R_MALLOC_FAILURE);
+                       return -1;
+                       }
                bp = buffer;
                
                /* Enter response type, length and copy payload */
@@ -4089,6 +4094,11 @@ tls1_heartbeat(SSL *s)
         *  - Padding
         */
        buf = OPENSSL_malloc(1 + 2 + payload + padding);
+       if (buf == NULL)
+               {
+               SSLerr(SSL_F_TLS1_HEARTBEAT,ERR_R_MALLOC_FAILURE);
+               return -1;
+               }
        p = buf;
        /* Message Type */
        *p++ = TLS1_HB_REQUEST;
Unnamed repository; edit this file 'description' to name the repository.