dtls1_heartbeat: check for NULL after allocating s->cert->ctypes
authorJonas Maebe <jonas.maebe@elis.ugent.be>
Sun, 8 Dec 2013 22:29:43 +0000 (23:29 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Thu, 4 Dec 2014 22:48:44 +0000 (23:48 +0100)
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
ssl/d1_both.c

index 41ef5cb..877a2bf 100644 (file)
@@ -1481,6 +1481,11 @@ dtls1_heartbeat(SSL *s)
         *  - Padding
         */
        buf = OPENSSL_malloc(1 + 2 + payload + padding);
+       if (buf == NULL)
+               {
+               SSLerr(SSL_F_DTLS1_HEARTBEAT, ERR_R_MALLOC_FAILURE);
+               return -1;
+               }
        p = buf;
        /* Message Type */
        *p++ = TLS1_HB_REQUEST;