From e431363f8c241abd0dfe9b83dfc1cec1bdfe13ab Mon Sep 17 00:00:00 2001 From: Pauli Date: Tue, 19 Sep 2017 08:48:14 +1000 Subject: [PATCH] Add stack space reservations. Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/4386) --- crypto/async/async.c | 4 +++- crypto/x509v3/v3_info.c | 9 ++++++--- ssl/ssl_cert.c | 8 ++++++-- ssl/ssl_lib.c | 4 +++- 4 files changed, 18 insertions(+), 7 deletions(-) diff --git a/crypto/async/async.c b/crypto/async/async.c index 1359b5061a..7678b489b3 100644 --- a/crypto/async/async.c +++ b/crypto/async/async.c @@ -342,6 +342,8 @@ int ASYNC_init_thread(size_t max_size, size_t init_size) OPENSSL_free(pool); return 0; } + if (!sk_ASYNC_JOB_reserve(pool->jobs, init_size)) + goto err; pool->max_size = max_size; @@ -358,7 +360,7 @@ int ASYNC_init_thread(size_t max_size, size_t init_size) break; } job->funcargs = NULL; - sk_ASYNC_JOB_push(pool->jobs, job); + sk_ASYNC_JOB_push(pool->jobs, job); /* Cannot fail due to reserve */ curr_size++; } pool->curr_size = curr_size; diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c index c2c09499f8..6b98575cb0 100644 --- a/crypto/x509v3/v3_info.c +++ b/crypto/x509v3/v3_info.c @@ -107,20 +107,23 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD CONF_VALUE *cnf, ctmp; ACCESS_DESCRIPTION *acc; int i, objlen; + const int num = sk_CONF_VALUE_num(nval); char *objtmp, *ptmp; if ((ainfo = sk_ACCESS_DESCRIPTION_new_null()) == NULL) { X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); return NULL; } - for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { + if (!sk_ACCESS_DESCRIPTION_reserve(ainfo, num)) + goto err; + for (i = 0; i < num; i++) { cnf = sk_CONF_VALUE_value(nval, i); - if ((acc = ACCESS_DESCRIPTION_new()) == NULL - || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) { + if ((acc = ACCESS_DESCRIPTION_new()) == NULL) { X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); goto err; } + sk_ACCESS_DESCRIPTION_push(ainfo, acc); /* Cannot fail due to reserve */ ptmp = strchr(cnf->name, ';'); if (!ptmp) { X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index ba5fb653fe..a517cf11e6 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -460,6 +460,7 @@ static void set0_CA_list(STACK_OF(X509_NAME) **ca_list, STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk) { int i; + const int num = sk_X509_NAME_num(sk); STACK_OF(X509_NAME) *ret; X509_NAME *name; @@ -468,13 +469,16 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk) SSLerr(SSL_F_SSL_DUP_CA_LIST, ERR_R_MALLOC_FAILURE); return NULL; } - for (i = 0; i < sk_X509_NAME_num(sk); i++) { + if (!sk_X509_NAME_reserve(ret, num)) + return NULL; + for (i = 0; i < num; i++) { name = X509_NAME_dup(sk_X509_NAME_value(sk, i)); - if (name == NULL || !sk_X509_NAME_push(ret, name)) { + if (name == NULL) { sk_X509_NAME_pop_free(ret, X509_NAME_free); X509_NAME_free(name); return NULL; } + sk_X509_NAME_push(ret, name); /* Cannot fail after reserve call */ } return (ret); } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index e04feec2cd..85425a1887 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -161,6 +161,7 @@ static int ssl_dane_dup(SSL *to, SSL *from) if (!DANETLS_ENABLED(&from->dane)) return 1; + num = sk_danetls_record_num(from->dane.trecs); dane_final(&to->dane); to->dane.flags = from->dane.flags; to->dane.dctx = &to->ctx->dane; @@ -170,8 +171,9 @@ static int ssl_dane_dup(SSL *to, SSL *from) SSLerr(SSL_F_SSL_DANE_DUP, ERR_R_MALLOC_FAILURE); return 0; } + if (!sk_danetls_record_reserve(to->dane.trecs, num)) + return 0; - num = sk_danetls_record_num(from->dane.trecs); for (i = 0; i < num; ++i) { danetls_record *t = sk_danetls_record_value(from->dane.trecs, i); -- 2.34.1