ssl3_get_certificate_request: check for NULL after allocating s->cert->ctypes
authorJonas Maebe <jonas.maebe@elis.ugent.be>
Sun, 8 Dec 2013 22:30:09 +0000 (23:30 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Wed, 10 Dec 2014 17:35:17 +0000 (18:35 +0100)
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
ssl/s3_clnt.c

index c5f6ceb..e178fe1 100644 (file)
@@ -2145,6 +2145,11 @@ int ssl3_get_certificate_request(SSL *s)
                {
                /* If we exceed static buffer copy all to cert structure */
                s->cert->ctypes = OPENSSL_malloc(ctype_num);
+               if (s->cert->ctypes == NULL)
+                       {
+                       SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+                       goto err;
+                       }
                memcpy(s->cert->ctypes, p, ctype_num);
                s->cert->ctype_num = (size_t)ctype_num;
                ctype_num=SSL3_CT_NUMBER;