From: Jiasheng Jiang Date: Wed, 2 Feb 2022 11:45:59 +0000 (+0800) Subject: evp_test: Add the missing check after calling OPENSSL_strdup and sk_OPENSSL_STRING_ne... X-Git-Tag: openssl-3.2.0-alpha1~2971 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b2f90e93a07d992515782511a5770aa7cf7dc28f;p=thirdparty%2Fopenssl.git evp_test: Add the missing check after calling OPENSSL_strdup and sk_OPENSSL_STRING_new_null Since the memory allocation may fail, the 'mac_name' and 'controls' could be NULL. And the 'mac_name' will be printed in mac_test_run_mac() without check. Also the result of 'params_n + sk_OPENSSL_STRING_num(expected->controls)' in mac_test_run_mac() will be 'params_n - 1' if allocation fails , which does not make sense. Therefore, it should be better to check them in order to guarantee the complete success of initiation. If fails, we also need to free the 'mdat' to avoid the memory leak. Signed-off-by: Jiasheng Jiang Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17628) --- diff --git a/test/evp_test.c b/test/evp_test.c index 6c4e64c159a..a1b6bce8fae 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -1201,9 +1201,18 @@ static int mac_test_init(EVP_TEST *t, const char *alg) return 0; mdat->type = type; - mdat->mac_name = OPENSSL_strdup(alg); + if (!TEST_ptr(mdat->mac_name = OPENSSL_strdup(alg))) { + OPENSSL_free(mdat); + return 0; + } + mdat->mac = mac; - mdat->controls = sk_OPENSSL_STRING_new_null(); + if (!TEST_ptr(mdat->controls = sk_OPENSSL_STRING_new_null())) { + OPENSSL_free(mdat->mac_name); + OPENSSL_free(mdat); + return 0; + } + mdat->output_size = mdat->block_size = -1; t->data = mdat; return 1;