BUG/MINOR: ssl: Missing calloc return value check in ssl_init_single_engine
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>
Wed, 12 May 2021 15:45:21 +0000 (17:45 +0200)
committerChristopher Faulet <cfaulet@haproxy.com>
Mon, 31 May 2021 08:50:49 +0000 (10:50 +0200)
A memory allocation failure happening during ssl_init_single_engine
would have resulted in a crash. This function is only called during
init.

It was raised in GitHub issue #1233.
It could be backported to all stable branches.

src/ssl_sock.c

index ec271c922ac31d7ce698972fad7a72b80b3502d0..f596a831de26482baaa16e9bfb73df4e4184effe 100644 (file)
@@ -636,6 +636,8 @@ int ssl_init_single_engine(const char *engine_id, const char *def_algorithms)
        }
 
        el = calloc(1, sizeof(*el));
+       if (!el)
+               goto fail_alloc;
        el->e = engine;
        LIST_INSERT(&openssl_engines, &el->list);
        nb_engines++;
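Review bot: The new `if (!el) goto fail_alloc;` branch fails without any diagnostic, so an out-of-memory condition during engine setup would surface only as an unexplained init failure unless the caller reports it. Consider logging before the jump, for example `ha_alert("ssl-engine %s: out of memory\n", engine_id);`, with braces around the two statements. The `fail_alloc:` label added in the second hunk falls through to the `fail_set_method` cleanup, which appears appropriate because the comment there indicates the functional reference from ENGINE_init() is still held at that point. The rest of ssl_init_single_engine lies outside both hunks, so whether its other failure paths already emit alerts cannot be confirmed from here.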
@@ -643,6 +645,7 @@ int ssl_init_single_engine(const char *engine_id, const char *def_algorithms)
                global.ssl_used_async_engines = nb_engines;
        return 0;
 
+fail_alloc:
 fail_set_method:
        /* release the functional reference from ENGINE_init() */
        ENGINE_finish(engine);