From: Ralph Dolmans Date: Thu, 30 Jan 2020 18:15:58 +0000 (+0100) Subject: - Stop working on socket when socket() call returns an error. X-Git-Tag: release-1.10.0rc1~24 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=810862dc65e03960f3db0a9d418f005a6c2f1749;p=thirdparty%2Funbound.git - Stop working on socket when socket() call returns an error. - Check malloc return values in TLS session ticket code --- diff --git a/doc/Changelog b/doc/Changelog index 4c215c3a5..b15250545 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -4,6 +4,8 @@ - Fix memory leak in do_auth_zone_transfer on success - Merge RPZ support into master. Only QNAME and Response IP triggers are supported. + - Stop working on socket when socket() call returns an error. + - Check malloc return values in TLS session ticket code 30 January 2020: Wouter - Fix subnet tests for disabled DSA algorithm by default. diff --git a/services/outside_network.c b/services/outside_network.c index f865f13c1..9876c2150 100644 --- a/services/outside_network.c +++ b/services/outside_network.c @@ -293,6 +293,9 @@ outnet_tcp_take_into_use(struct waiting_tcp* w, uint8_t* pkt, size_t pkt_len) /* open socket */ s = outnet_get_tcp_fd(&w->addr, w->addrlen, w->outnet->tcp_mss); + if(s == -1) + return 0; + if(!pick_outgoing_tcp(w, s)) return 0; diff --git a/util/net_help.c b/util/net_help.c index c1ff25d63..8f83ec001 100644 --- a/util/net_help.c +++ b/util/net_help.c @@ -1271,13 +1271,20 @@ int listen_sslctx_setup_ticket_keys(void* sslctx, struct config_strlist* tls_ses s++; } keys = calloc(s, sizeof(struct tls_session_ticket_key)); + if(!keys) + return 0; memset(keys, 0, s*sizeof(*keys)); ticket_keys = keys; for(p = tls_session_ticket_keys; p; p = p->next) { size_t n; - unsigned char *data = (unsigned char *)malloc(80); + unsigned char *data; FILE *f = fopen(p->str, "r"); + + data = (unsigned char *)malloc(80); + if(!data) + return 0; + if(!f) { log_err("could not read tls-session-ticket-key %s: %s", p->str, strerror(errno)); free(data);