From: Giovanni Bechis <gbechis@apache.org>
Date: Thu, 23 Mar 2023 16:23:12 +0000 (+0000)
Subject: check apreq_cookie_make return value
X-Git-Tag: 2.5.0-alpha2-ci-test-only~14
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2133fa3a38bf385ab5fbe0f8faf11d31f833a84f;p=thirdparty%2Fapache%2Fhttpd.git

check apreq_cookie_make return value
Github: closes #302


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908673 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/server/apreq_module_cgi.c b/server/apreq_module_cgi.c
index 779115dd6e4..eaf4e99ef43 100644
--- a/server/apreq_module_cgi.c
+++ b/server/apreq_module_cgi.c
@@ -516,6 +516,8 @@ static apr_status_t cgi_jar(apreq_handle_t *handle,
             if (val == NULL)
                 val = "";
             p = apreq_cookie_make(handle->pool, name, strlen(name), val, strlen(val));
+            if (p == NULL)
+                return APR_ENOMEM;
             apreq_cookie_tainted_on(p);
             apreq_value_table_add(&p->v, req->jar);
         }
@@ -606,6 +608,8 @@ static apreq_cookie_t *cgi_jar_get(apreq_handle_t *handle,
             if (val == NULL)
                 return NULL;
             p = apreq_cookie_make(handle->pool, name, strlen(name), val, strlen(val));
+            if (p == NULL)
+                return NULL;
             apreq_cookie_tainted_on(p);
             apreq_value_table_add(&p->v, req->jar);
             val = p->v.data;