From 254f1c8019f4c2aa853208604f703deb8adfe131 Mon Sep 17 00:00:00 2001
From: Jonas Maebe <jonas.maebe@elis.ugent.be>
Date: Sun, 8 Dec 2013 22:45:58 +0100
Subject: [PATCH 1/1] get_cert_by_subject: check for NULL when allocating hent

Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
---
 crypto/x509/by_dir.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index c6602dae4f..8f3560a232 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -444,6 +444,13 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
 			if (!hent)
 				{
 				hent = OPENSSL_malloc(sizeof(BY_DIR_HASH));
+				if (hent == NULL)
+					{
+					CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+					X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
+					ok = 0;
+					goto finish;
+					}
 				hent->hash = h;
 				hent->suffix = k;
 				if (!sk_BY_DIR_HASH_push(ent->hashes, hent))
-- 
2.34.1