From: x2018 <xkernel.wang@foxmail.com>
Date: Tue, 23 Nov 2021 13:33:17 +0000 (+0800)
Subject: check the return value of OPENSSL_strdup(CRYPTO_strdup) to prevent potential memory... 
X-Git-Tag: openssl-3.2.0-alpha1~3285
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b9648f31a4917b8594caebda3e6d8d313514fe24;p=thirdparty%2Fopenssl.git

check the return value of OPENSSL_strdup(CRYPTO_strdup) to prevent potential memory access error

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17113)
---

diff --git a/apps/lib/app_rand.c b/apps/lib/app_rand.c
index d3181e56faa..1e10044accd 100644
--- a/apps/lib/app_rand.c
+++ b/apps/lib/app_rand.c
@@ -110,6 +110,8 @@ int opt_rand(int opt)
     case OPT_R_WRITERAND:
         OPENSSL_free(save_rand_file);
         save_rand_file = OPENSSL_strdup(opt_arg());
+        if (save_rand_file == NULL)
+            return 0;
         break;
     }
     return 1;