check BIO_read return values

submitted by Jiasheng Jiang 
bz #65922


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1910268 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 16 insertions, 5 deletions

diff --git a/modules/ssl/ssl_util_ssl.c b/modules/ssl/ssl_util_ssl.c
index a6e3a9d3c6..a4c312b7fb 100644
--- a/modules/ssl/ssl_util_ssl.c
+++ b/modules/ssl/ssl_util_ssl.c
@@ -187,12 +187,16 @@ BOOL modssl_X509_getBC(X509 *cert, int *ca, int *pathlen)
 
 char *modssl_bio_free_read(apr_pool_t *p, BIO *bio)
 {
-    int len = BIO_pending(bio);
+    int len = BIO_pending(bio), tmp;
     char *result = NULL;
 
     if (len > 0) {
         result = apr_palloc(p, len+1);
-        len = BIO_read(bio, result, len);
+        tmp = len;
+        if ((len = BIO_read(bio, result, len)) != tmp) {
+            BIO_free(bio);
+            return NULL;
+        }
         result[len] = NUL;
     }
     BIO_free(bio);
@@ -236,7 +240,7 @@ char *modssl_X509_NAME_to_string(apr_pool_t *p, X509_NAME *dn, int maxlen)
 {
     char *result = NULL;
     BIO *bio;
-    int len;
+    int len, tmp;
 
     if ((bio = BIO_new(BIO_s_mem())) == NULL)
         return NULL;
@@ -245,13 +249,20 @@ char *modssl_X509_NAME_to_string(apr_pool_t *p, X509_NAME *dn, int maxlen)
     if (len > 0) {
         result = apr_palloc(p, (maxlen > 0) ? maxlen+1 : len+1);
         if (maxlen > 0 && maxlen < len) {
-            len = BIO_read(bio, result, maxlen);
+            if ((len = BIO_read(bio, result, maxlen)) != maxlen) {
+                BIO_free(bio);
+                return NULL;
+            }
             if (maxlen > 2) {
                 /* insert trailing ellipsis if there's enough space */
                 apr_snprintf(result + maxlen - 3, 4, "...");
             }
         } else {
-            len = BIO_read(bio, result, len);
+            tmp = len;
+            if ((len = BIO_read(bio, result, len)) != tmp) {
+                BIO_free(bio);
+                return NULL;
+            }
         }
         result[len] = NUL;
     }