From: Frederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk>
Date: Sun, 22 Dec 2024 12:35:00 +0000 (+0100)
Subject: Avoid leaking memory when realloc fails
X-Git-Tag: openssl-3.5.0-alpha1~792
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=65db21935a2add580eb35bdf0b0f37441549d54c;p=thirdparty%2Fopenssl.git

Avoid leaking memory when realloc fails

In ossl_property_merge() we can drop the realloc because it just makes
the allocation smaller.

In quic-hq-interop.c we check the realloc result.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26244)
---

diff --git a/crypto/property/property_parse.c b/crypto/property/property_parse.c
index dbe766d39f7..613c285be82 100644
--- a/crypto/property/property_parse.c
+++ b/crypto/property/property_parse.c
@@ -567,8 +567,7 @@ OSSL_PROPERTY_LIST *ossl_property_merge(const OSSL_PROPERTY_LIST *a,
         r->has_optional |= copy->optional;
     }
     r->num_properties = n;
-    if (n != t)
-        r = OPENSSL_realloc(r, sizeof(*r) + (n - 1) * sizeof(r->properties[0]));
+
     return r;
 }
 
diff --git a/demos/guide/quic-hq-interop.c b/demos/guide/quic-hq-interop.c
index deb6b633e9b..7c158fc0908 100644
--- a/demos/guide/quic-hq-interop.c
+++ b/demos/guide/quic-hq-interop.c
@@ -911,6 +911,8 @@ int main(int argc, char *argv[])
     while (req != NULL) {
         total_requests++;
         req_array = OPENSSL_realloc(req_array, sizeof(char *) * total_requests);
+        if (req_array == NULL)
+            goto end;
         req_array[total_requests - 1] = req;
         req = strtok(NULL, " ");
     }