]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 616581a)
Check input size before NULL pointer test inside mem_write()
authorzsugabubus <zsugabubus@users.noreply.github.com>
Mon, 18 Jan 2021 14:33:57 +0000 (15:33 +0100)
committerTomas Mraz <tomas@openssl.org>
Thu, 21 Jan 2021 17:35:43 +0000 (18:35 +0100)
Checking is performed after the read-only test so it catches such errors
earlier.

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13786)

crypto/bio/bss_mem.c patch | blob | blame | history

diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
index 3bdf4579660f2901a846264bed7b887878edb0d4..fe362d87fc7a429087315f41c902e24c7ebaef0f 100644 (file)
--- a/crypto/bio/bss_mem.c
+++ b/crypto/bio/bss_mem.c
@@ -221,10 +221,6 @@ static int mem_write(BIO *b, const char *in, int inl)
     int blen;
     BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr;
 
-    if (in == NULL) {
-        ERR_raise(ERR_LIB_BIO, ERR_R_PASSED_NULL_PARAMETER);
-        goto end;
-    }
     if (b->flags & BIO_FLAGS_MEM_RDONLY) {
         ERR_raise(ERR_LIB_BIO, BIO_R_WRITE_TO_READ_ONLY_BIO);
         goto end;
@@ -232,6 +228,10 @@ static int mem_write(BIO *b, const char *in, int inl)
     BIO_clear_retry_flags(b);
     if (inl == 0)
         return 0;
+    if (in == NULL) {
+        ERR_raise(ERR_LIB_BIO, ERR_R_PASSED_NULL_PARAMETER);
+        goto end;
+    }
     blen = bbm->readp->length;
     mem_buf_sync(b);
     if (BUF_MEM_grow_clean(bbm->buf, blen + inl) == 0)
Mirror of https://github.com/openssl/openssl.git