err_set_debug(): Prevent possible recursion on malloc failure

Fixes #19331 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19332)
author: Tomas Mraz <tomas@openssl.org> 2022-10-03 10:40:40 +0200
committer: Tomas Mraz <tomas@openssl.org> 2022-10-04 15:34:15 +0200
commit: ed49476a16b8ff2688a53a2ba7e011e6911620f8 (patch)
tree: 9df0197be457761ffe7704a954b203b19ebc3297 /crypto/err/err_local.h
parent: armcap: skip probing _armv7_tick() (diff)
download: openssl-ed49476a16b8ff2688a53a2ba7e011e6911620f8.tar.xz
openssl-ed49476a16b8ff2688a53a2ba7e011e6911620f8.zip
1 files changed, 6 insertions, 2 deletions
diff --git a/crypto/err/err_local.h b/crypto/err/err_local.h
index d4e19dff24..7d785ab618 100644
--- a/crypto/err/err_local.h
+++ b/crypto/err/err_local.h
@@ -7,6 +7,7 @@
  * https://www.openssl.org/source/license.html
  */
 
+#include <string.h>
 #include <openssl/err.h>
 #include <openssl/e_os2.h>
 
@@ -56,8 +57,11 @@ static ossl_inline void err_set_debug(ERR_STATE *es, size_t i,
     OPENSSL_free(es->err_file[i]);
     if (file == NULL || file[0] == '\0')
         es->err_file[i] = NULL;
-    else
-        es->err_file[i] = OPENSSL_strdup(file);
+    else if ((es->err_file[i] = CRYPTO_malloc(strlen(file) + 1,
+                                              NULL, 0)) != NULL)
+        /* We cannot use OPENSSL_strdup due to possible recursion */
+        strcpy(es->err_file[i], file);
+
     es->err_line[i] = line;
     OPENSSL_free(es->err_func[i]);
     if (fn == NULL || fn[0] == '\0')
author	Tomas Mraz <tomas@openssl.org>	2022-10-03 10:40:40 +0200
committer	Tomas Mraz <tomas@openssl.org>	2022-10-04 15:34:15 +0200
commit	ed49476a16b8ff2688a53a2ba7e011e6911620f8 (patch)
tree	9df0197be457761ffe7704a954b203b19ebc3297 /crypto/err/err_local.h
parent	armcap: skip probing _armv7_tick() (diff)
download	openssl-ed49476a16b8ff2688a53a2ba7e011e6911620f8.tar.xz openssl-ed49476a16b8ff2688a53a2ba7e011e6911620f8.zip