From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Date: Thu, 10 Feb 2022 03:21:47 +0000 (+0800)
Subject: openssl rehash: add check for OPENSSL_strdup
X-Git-Tag: openssl-3.2.0-alpha1~2945
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=79cda38cff834224fb9d86dc7433b4f60688ce49;p=thirdparty%2Fopenssl.git

openssl rehash: add check for OPENSSL_strdup

As the potential failure of the memory allocation,
it should be better to check the return value of
OPENSSL_strdup() and return error if fails.
Also, we need to restore the 'ep' to be NULL if fails.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17676)
---

diff --git a/apps/rehash.c b/apps/rehash.c
index e0cdc9bc622..e0b79546078 100644
--- a/apps/rehash.c
+++ b/apps/rehash.c
@@ -168,6 +168,12 @@ static int add_entry(enum Type type, unsigned int hash, const char *filename,
         *ep = nilhentry;
         ep->old_id = ~0;
         ep->filename = OPENSSL_strdup(filename);
+        if (ep->filename == NULL) {
+            OPENSSL_free(ep);
+            ep = NULL;
+            BIO_printf(bio_err, "out of memory\n");
+            return 1;
+        }
         if (bp->last_entry)
             bp->last_entry->next = ep;
         if (bp->first_entry == NULL)