[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnurl] 356/411: openssl: guard against OOM on context creation
|
From: |
gnunet |
|
Subject: |
[gnurl] 356/411: openssl: guard against OOM on context creation |
|
Date: |
Wed, 13 Jan 2021 01:22:51 +0100 |
This is an automated email from the git hooks/post-receive script.
nikita pushed a commit to branch master
in repository gnurl.
commit 3a8cdc82dcc14e1199d8833476314b535e80045e
Author: Daniel Gustafsson <daniel@yesql.se>
AuthorDate: Thu Nov 19 01:40:24 2020 +0100
openssl: guard against OOM on context creation
EVP_MD_CTX_create will allocate memory for the context and returns
NULL in case the allocation fails. Make sure to catch any allocation
failures and exit early if so.
In passing, also move to EVP_DigestInit rather than EVP_DigestInit_ex
as the latter is intended for ENGINE selection which we don't do.
Closes #6224
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Emil Engler <me@emilengler.com>
---
lib/vtls/openssl.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 1803ed34c..fc0c4e15f 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -4364,7 +4364,9 @@ static CURLcode Curl_ossl_md5sum(unsigned char *tmp, /*
input */
(void) unused;
mdctx = EVP_MD_CTX_create();
- EVP_DigestInit_ex(mdctx, EVP_md5(), NULL);
+ if(!mdctx)
+ return CURLE_OUT_OF_MEMORY;
+ EVP_DigestInit(mdctx, EVP_md5());
EVP_DigestUpdate(mdctx, tmp, tmplen);
EVP_DigestFinal_ex(mdctx, md5sum, &len);
EVP_MD_CTX_destroy(mdctx);
@@ -4382,7 +4384,9 @@ static CURLcode Curl_ossl_sha256sum(const unsigned char
*tmp, /* input */
(void) unused;
mdctx = EVP_MD_CTX_create();
- EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL);
+ if(!mdctx)
+ return CURLE_OUT_OF_MEMORY;
+ EVP_DigestInit(mdctx, EVP_sha256());
EVP_DigestUpdate(mdctx, tmp, tmplen);
EVP_DigestFinal_ex(mdctx, sha256sum, &len);
EVP_MD_CTX_destroy(mdctx);
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [gnurl] 329/411: Revert "libcurl.pc: make it relocatable", (continued)
- [gnurl] 329/411: Revert "libcurl.pc: make it relocatable", gnunet, 2021/01/12
- [gnurl] 327/411: Curl_pgrsStartNow: init speed limit time stamps at start, gnunet, 2021/01/12
- [gnurl] 310/411: KNOWN_BUGS: FTPS with Schannel times out file list operation, gnunet, 2021/01/12
- [gnurl] 295/411: travis: use valgrind when running tests for debug builds, gnunet, 2021/01/12
- [gnurl] 342/411: CURLOPT_HSTS.3: document the file format, gnunet, 2021/01/12
- [gnurl] 290/411: http: pass correct header size to debug callback for chunked post, gnunet, 2021/01/12
- [gnurl] 377/411: socks: check for DNS entries with the right port number, gnunet, 2021/01/12
- [gnurl] 372/411: file: avoid duplicated code sequence, gnunet, 2021/01/12
- [gnurl] 376/411: curl_setup: USE_RESOLVE_ON_IPS is for Apple native resolver use, gnunet, 2021/01/12
- [gnurl] 292/411: tests: add missing global_init/cleanup calls, gnunet, 2021/01/12
- [gnurl] 356/411: openssl: guard against OOM on context creation,
gnunet <=
- [gnurl] 280/411: mailmap: set Viktor Szakats's email, gnunet, 2021/01/12
- [gnurl] 269/411: CI/appveyor: disable test 571 in two cmake builds, gnunet, 2021/01/12
- [gnurl] 326/411: ngtcp2: adapt to recent nghttp3 updates, gnunet, 2021/01/12
- [gnurl] 411/411: add lowercase curl, gnunet, 2021/01/12
- [gnurl] 393/411: SECURITY-PROCESS: disclose on hackerone, gnunet, 2021/01/12
- [gnurl] 385/411: openssl: free mem_buf in error path, gnunet, 2021/01/12
- [gnurl] 397/411: ftp: retry getpeername for FTP with TCP_FASTOPEN, gnunet, 2021/01/12
- [gnurl] 406/411: RELEASE-NOTES: synced, gnunet, 2021/01/12
- [gnurl] 398/411: Revert "multi: implement wait using winsock events", gnunet, 2021/01/12
- [gnurl] 387/411: NEW-PROTOCOL: document what needs to be done to add one, gnunet, 2021/01/12