From 43cddc534eebf33c301bf2fabed8fa52fb92526c Mon Sep 17 00:00:00 2001
From: Joshua Rogers <MegaManSec@users.noreply.github.com>
Date: Sat, 11 Oct 2025 19:53:07 +0800
Subject: [PATCH] ssl: call SSLfatal on realloc failures in extract_keyshares

Initial malloc path already does this. Realloc path went to failure
without recording a fatal alert.

Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28873)
---
 ssl/statem/extensions_srvr.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 81c251523b6..09f653d03d4 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -756,15 +756,21 @@ static KS_EXTRACTION_RESULT extract_keyshares(SSL_CONNECTION *s, PACKET *key_sha
                                       *keyshares_max + GROUPLIST_INCREMENT,
                                       sizeof(**keyshares_arr));
 
-            if (tmp == NULL)
+            if (tmp == NULL) {
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
                 goto failure;
+            }
+
             *keyshares_arr = tmp;
             tmp_pkt =
                 OPENSSL_realloc_array(*encoded_pubkey_arr,
                                       *keyshares_max + GROUPLIST_INCREMENT,
                                       sizeof(**encoded_pubkey_arr));
-            if (tmp_pkt == NULL)
+            if (tmp_pkt == NULL) {
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
                 goto failure;
+            }
+
             *encoded_pubkey_arr = tmp_pkt;
             *keyshares_max += GROUPLIST_INCREMENT;
         }
-- 
2.47.3