get_cert_by_subject: check for NULL when allocating hent
authorJonas Maebe <jonas.maebe@elis.ugent.be>
Sun, 8 Dec 2013 21:45:58 +0000 (22:45 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Sun, 17 Aug 2014 16:55:01 +0000 (18:55 +0200)
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
crypto/x509/by_dir.c

index c6602da..8f3560a 100644 (file)
@@ -444,6 +444,13 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
                        if (!hent)
                                {
                                hent = OPENSSL_malloc(sizeof(BY_DIR_HASH));
+                               if (hent == NULL)
+                                       {
+                                       CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+                                       X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
+                                       ok = 0;
+                                       goto finish;
+                                       }
                                hent->hash = h;
                                hent->suffix = k;
                                if (!sk_BY_DIR_HASH_push(ent->hashes, hent))