check BN_bn2dec return value

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1902302 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c
index 164556ee4e89daf6ff5c9522d2e7a76bcc31ec9a..af6c4de1b7cb217be2e02b5186dc7ad92e1dd47f 100644 (file)
--- a/modules/ssl/ssl_engine_vars.c
+++ b/modules/ssl/ssl_engine_vars.c
@@ -843,6 +843,7 @@ static const char *ssl_var_lookup_ssl_cert_chain(apr_pool_t *p, STACK_OF(X509) *
 static const char *ssl_var_lookup_ssl_cert_rfc4523_cea(apr_pool_t *p, SSL *ssl)
 {
     char *result;
+    char *decimal;
     X509 *xs;
 
     ASN1_INTEGER *serialNumber;
@@ -858,7 +859,11 @@ static const char *ssl_var_lookup_ssl_cert_rfc4523_cea(apr_pool_t *p, SSL *ssl)
         X509_NAME *issuer = X509_get_issuer_name(xs);
         if (issuer) {
             BIGNUM *bn = ASN1_INTEGER_to_BN(serialNumber, NULL);
-            char *decimal = BN_bn2dec(bn);
+            if((decimal = BN_bn2dec(bn)) == NULL) {
+              BN_free(bn);
+              X509_free(xs);
+              return NULL;
+            }
             result = apr_pstrcat(p, "{ serialNumber ", decimal,
                     ", issuer rdnSequence:\"",
                     modssl_X509_NAME_to_string(p, issuer, 0), "\" }", NULL);