tls1_heartbeat: check for NULL after allocating buf

Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org>
2013-12-09 17:21:43 +01:00 · 2013-12-09 17:21:43 +01:00 · 288b4e4f8f
commit 288b4e4f8f
parent c27dc3981c
1 changed files with 5 additions and 0 deletions
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -4094,6 +4094,11 @@ tls1_heartbeat(SSL *s)
 	 *  - Padding
 	 */
 	buf = OPENSSL_malloc(1 + 2 + payload + padding);
+	if (buf == NULL)
+		{
+		SSLerr(SSL_F_TLS1_HEARTBEAT,ERR_R_MALLOC_FAILURE);
+		return -1;
+		}
 	p = buf;
 	/* Message Type */
 	*p++ = TLS1_HB_REQUEST;