As the potential failure of the OPENSSL_strdup(), it should
be better to check the return value and return error if fails.
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18624)
current_url = redirection_url;
if (*redirection_url == '/') { /* redirection to same server */
path = OPENSSL_strdup(redirection_url);
+ if (path == NULL) {
+ OPENSSL_free(host);
+ OPENSSL_free(port);
+ (void)OSSL_HTTP_close(rctx, 1);
+ BIO_free(resp);
+ OPENSSL_free(current_url);
+ return NULL;
+ }
goto new_rpath;
}
OPENSSL_free(host);