From ffb5ca705be6bdfdee9834e969d4a43d114fdea6 Mon Sep 17 00:00:00 2001
From: Jiasheng Jiang <jiashengjiangcool@gmail.com>
Date: Tue, 8 Jul 2025 18:44:20 +0000
Subject: [PATCH] test/bio_base64_test.c: Add check for BIO_new()

Add check for the return value of BIO_new() to avoid NULL pointer dereference.

Fixes: 0cd9dd703e ("Improve base64 BIO correctness and error reporting")
Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
MergeDate: Mon Jan 12 18:42:15 2026
(Merged from https://github.com/openssl/openssl/pull/27993)
---
 test/bio_base64_test.c | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/test/bio_base64_test.c b/test/bio_base64_test.c
index 62f11c3b247..733bfa1b7d6 100644
--- a/test/bio_base64_test.c
+++ b/test/bio_base64_test.c
@@ -182,12 +182,12 @@ static int genb64(char *prefix, char *suffix, unsigned const char *buf,
 
 static int test_bio_base64_run(test_case *t, int llen, int wscnt)
 {
-    unsigned char *raw;
-    unsigned char *out;
+    unsigned char *raw = NULL;
+    unsigned char *out = NULL;
     unsigned out_len;
     char *encoded = NULL;
     int elen;
-    BIO *bio, *b64;
+    BIO *bio = NULL, *b64 = NULL;
     int n, n1, n2;
     int ret;
 
@@ -208,19 +208,17 @@ static int test_bio_base64_run(test_case *t, int llen, int wscnt)
     out_len = t->bytes + 1024;
     out = OPENSSL_malloc(out_len);
     if (out == NULL) {
-        OPENSSL_free(raw);
         TEST_error("out of memory");
-        return -1;
+        ret = -1;
+        goto end;
     }
 
     elen = genb64(t->prefix, t->suffix, raw, t->bytes, t->trunc, t->encoded,
         llen, wscnt, &encoded);
     if (elen < 0 || (bio = BIO_new(BIO_s_mem())) == NULL) {
-        OPENSSL_free(raw);
-        OPENSSL_free(out);
-        OPENSSL_free(encoded);
         TEST_error("out of memory");
-        return -1;
+        ret = -1;
+        goto end;
     }
     if (t->retry)
         BIO_set_mem_eof_return(bio, EOF_RETURN);
@@ -238,7 +236,10 @@ static int test_bio_base64_run(test_case *t, int llen, int wscnt)
     if (n1 > 0)
         BIO_write(bio, encoded, n1);
 
-    b64 = BIO_new(BIO_f_base64());
+    if (!TEST_ptr(b64 = BIO_new(BIO_f_base64()))) {
+        ret = -1;
+        goto end;
+    }
     if (t->no_nl)
         BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
     BIO_push(b64, bio);
@@ -296,11 +297,12 @@ static int test_bio_base64_run(test_case *t, int llen, int wscnt)
         ret = -1;
     }
 
-    BIO_free_all(b64);
-    OPENSSL_free(out);
+end:
+    BIO_free(bio);
+    BIO_free(b64);
     OPENSSL_free(raw);
+    OPENSSL_free(out);
     OPENSSL_free(encoded);
-
     return ret;
 }
 
-- 
2.47.3