From ad9a05621ac75b6b9db1e8856d7f434276b1a7af Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 4 May 2016 10:38:02 +0100 Subject: Handle malloc failures in BIO_accept The old BIO_accept() function can encounter errors during malloc. We need to ensure we properly clean up if that occurs. GH Issue #817 Reviewed-by: Richard Levitte --- crypto/bio/b_sock.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'crypto/bio') diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c index 071acda48e..dc14a1b587 100644 --- a/crypto/bio/b_sock.c +++ b/crypto/bio/b_sock.c @@ -311,10 +311,20 @@ int BIO_accept(int sock, char **ip_port) if (ip_port != NULL) { char *host = BIO_ADDR_hostname_string(&res, 1); char *port = BIO_ADDR_service_string(&res, 1); - *ip_port = OPENSSL_zalloc(strlen(host) + strlen(port) + 2); - strcpy(*ip_port, host); - strcat(*ip_port, ":"); - strcat(*ip_port, port); + if (host != NULL && port != NULL) + *ip_port = OPENSSL_zalloc(strlen(host) + strlen(port) + 2); + else + *ip_port = NULL; + + if (*ip_port == NULL) { + BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE); + BIO_closesocket(ret); + ret = (int)INVALID_SOCKET; + } else { + strcpy(*ip_port, host); + strcat(*ip_port, ":"); + strcat(*ip_port, port); + } OPENSSL_free(host); OPENSSL_free(port); } -- cgit v1.2.3