tls1_process_heartbeat: check for NULL after allocating buffer

Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-07 17:38:51 +01:00 · 2014-12-07 17:38:51 +01:00 · c27dc3981c
commit c27dc3981c
parent fed5b55252
3 changed files with 7 additions and 0 deletions
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@ -2732,6 +2732,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT		 275
 #define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT		 276
 #define SSL_F_TLS1_PRF					 284
+#define SSL_F_TLS1_PROCESS_HEARTBEAT			 341
 #define SSL_F_TLS1_SETUP_KEY_BLOCK			 211
 #define SSL_F_TLS1_SET_SERVER_SIGALGS			 335

--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@ -273,6 +273,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT),	"TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
 {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT),	"TLS1_PREPARE_SERVERHELLO_TLSEXT"},
 {ERR_FUNC(SSL_F_TLS1_PRF),	"tls1_prf"},
+{ERR_FUNC(SSL_F_TLS1_PROCESS_HEARTBEAT),	"tls1_process_heartbeat"},
 {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK),	"tls1_setup_key_block"},
 {ERR_FUNC(SSL_F_TLS1_SET_SERVER_SIGALGS),	"tls1_set_server_sigalgs"},
 {0,NULL}
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -4003,6 +4003,11 @@ tls1_process_heartbeat(SSL *s)
 		 * payload, plus padding
 		 */
 		buffer = OPENSSL_malloc(1 + 2 + payload + padding);
+		if (buffer == NULL)
+			{
+			SSLerr(SSL_F_TLS1_PROCESS_HEARTBEAT,ERR_R_MALLOC_FAILURE);
+			return -1;
+			}
 		bp = buffer;
 		
 		/* Enter response type, length and copy payload */