From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Date: Mon, 17 Jul 2023 20:31:10 +0000 (-0700) Subject: [3.11] gh-106831: Fix NULL check of d2i_SSL_SESSION() result in _ssl.c (GH-106832... X-Git-Tag: v3.11.5~192 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a782d51913222e340b75b2dd50e646be80dd035b;p=thirdparty%2FPython%2Fcpython.git [3.11] gh-106831: Fix NULL check of d2i_SSL_SESSION() result in _ssl.c (GH-106832) (#106836) gh-106831: Fix NULL check of d2i_SSL_SESSION() result in _ssl.c (GH-106832) (cherry picked from commit ebf2c56b33553a448da8f60fcd89a622f071b5f4) Co-authored-by: Nikita Sobolev --- diff --git a/Misc/NEWS.d/next/Library/2023-07-17-21-45-15.gh-issue-106831.RqVq9X.rst b/Misc/NEWS.d/next/Library/2023-07-17-21-45-15.gh-issue-106831.RqVq9X.rst new file mode 100644 index 000000000000..d3b986268453 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2023-07-17-21-45-15.gh-issue-106831.RqVq9X.rst @@ -0,0 +1,2 @@ +Fix potential missing ``NULL`` check of ``d2i_SSL_SESSION`` result in +``_ssl.c``. diff --git a/Modules/_ssl.c b/Modules/_ssl.c index c1a8eaaa2fa0..e3bb38e769c9 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -2800,7 +2800,7 @@ _ssl_session_dup(SSL_SESSION *session) { /* get length */ slen = i2d_SSL_SESSION(session, NULL); if (slen == 0 || slen > 0xFF00) { - PyErr_SetString(PyExc_ValueError, "i2d() failed."); + PyErr_SetString(PyExc_ValueError, "i2d() failed"); goto error; } if ((senc = PyMem_Malloc(slen)) == NULL) { @@ -2809,12 +2809,13 @@ _ssl_session_dup(SSL_SESSION *session) { } p = senc; if (!i2d_SSL_SESSION(session, &p)) { - PyErr_SetString(PyExc_ValueError, "i2d() failed."); + PyErr_SetString(PyExc_ValueError, "i2d() failed"); goto error; } const_p = senc; newsession = d2i_SSL_SESSION(NULL, &const_p, slen); - if (session == NULL) { + if (newsession == NULL) { + PyErr_SetString(PyExc_ValueError, "d2i() failed"); goto error; } PyMem_Free(senc);