ssl: call SSLfatal on realloc failures in extract_keyshares
authorJoshua Rogers <MegaManSec@users.noreply.github.com>
Sat, 11 Oct 2025 11:53:07 +0000 (19:53 +0800)
committerTomas Mraz <tomas@openssl.org>
Tue, 14 Oct 2025 16:02:07 +0000 (18:02 +0200)
Initial malloc path already does this. Realloc path went to failure
without recording a fatal alert.

Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28873)

(cherry picked from commit 43cddc534eebf33c301bf2fabed8fa52fb92526c)

ssl/statem/extensions_srvr.c

index 02955752a704bdbee57ddb8dc8596ce0773b6e43..9e8a878b524e0c7129e242e4e4525db29e5fd291 100644 (file)
@@ -756,15 +756,21 @@ static KS_EXTRACTION_RESULT extract_keyshares(SSL_CONNECTION *s, PACKET *key_sha
                                       *keyshares_max + GROUPLIST_INCREMENT,
                                       sizeof(**keyshares_arr));
 
-            if (tmp == NULL)
+            if (tmp == NULL) {
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
                 goto failure;
+            }
+
             *keyshares_arr = tmp;
             tmp_pkt =
                 OPENSSL_realloc_array(*encoded_pubkey_arr,
                                       *keyshares_max + GROUPLIST_INCREMENT,
                                       sizeof(**encoded_pubkey_arr));
-            if (tmp_pkt == NULL)
+            if (tmp_pkt == NULL) {
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
                 goto failure;
+            }
+
             *encoded_pubkey_arr = tmp_pkt;
             *keyshares_max += GROUPLIST_INCREMENT;
         }
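Review bot: Nothing in the grow-both-arrays sequence explains why `*keyshares_max` is advanced only after the second `OPENSSL_realloc_array` succeeds. With the new failure branches, that ordering is what keeps the recorded capacity from overstating `*encoded_pubkey_arr` when the second allocation fails after `*keyshares_arr = tmp` has already been stored. I would add a comment above `*keyshares_max += GROUPLIST_INCREMENT;`, for example `/* Advance the capacity only after both arrays have grown, so a mid-way failure never overstates either buffer. */`. The `failure` label and the start of `extract_keyshares` are outside this hunk, so it is worth confirming that whichever code releases the arrays frees through the already-updated `*keyshares_arr` and `*encoded_pubkey_arr` pointers and does not rely on the capacity value.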