openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

apps/s_server: Add missing check for BIO_new 

As the potential failure of the BIO_new(), it should be better to check the return value and return error if fails in order to avoid the dereference of NULL pointer.
And because 'bio_s_msg' is checked before being used everytime, which has no need to add the check.
But 'bio_s_out' is not.
And since the check 'if (bio_s_out == NULL)' is redundant, it can be removed to make the code succincter.
Also the 'sbio' and so forth should be checked like the other places in the same file.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17710)
This commit is contained in:
Jiasheng Jiang 2022-02-16 11:27:23 +08:00 committed by Tomas Mraz
parent 8f084b4380
commit ba0b60c632
1 changed files with 50 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
apps/s_server.c
View File

@ -1817,10 +1817,13 @@ int s_server_main(int argc, char *argv[])
if (s_msg && bio_s_msg == NULL)
bio_s_msg = dup_bio_out(FORMAT_TEXT);
} else {
if (bio_s_out == NULL)
bio_s_out = dup_bio_out(FORMAT_TEXT);
bio_s_out = dup_bio_out(FORMAT_TEXT);
}
}
if (bio_s_out == NULL)
goto end;
if (nocert) {
s_cert_file = NULL;
s_key_file = NULL;
@ -2362,6 +2365,11 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
else
# endif
sbio = BIO_new_dgram(s, BIO_NOCLOSE);
if (sbio == NULL) {
BIO_printf(bio_err, "Unable to create BIO\n");
ERR_print_errors(bio_err);
goto err;
}
if (enable_timeouts) {
timeout.tv_sec = 0;
@ -2411,6 +2419,13 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
BIO *test;
test = BIO_new(BIO_f_nbio_test());
if (test == NULL) {
BIO_printf(bio_err, "Unable to create BIO\n");
ret = -1;
BIO_free(sbio);
goto err;
}
sbio = BIO_push(test, sbio);
}
@ -2997,6 +3012,9 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
int width;
fd_set readfds;
const char *opmode;
#ifdef CHARSET_EBCDIC
BIO *filter;
#endif
/* Set width for a select call if needed */
width = s + 1;
@ -3036,10 +3054,21 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
}
sbio = BIO_new_socket(s, BIO_NOCLOSE);
if (sbio == NULL) {
SSL_free(con);
goto err;
}
if (s_nbio_test) {
BIO *test;
test = BIO_new(BIO_f_nbio_test());
if (test == NULL) {
SSL_free(con);
BIO_free(sbio);
goto err;
}
sbio = BIO_push(test, sbio);
}
SSL_set_bio(con, sbio, sbio);
@ -3050,7 +3079,11 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
BIO_push(io, ssl_bio);
ssl_bio = NULL;
#ifdef CHARSET_EBCDIC
io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
filter = BIO_new(BIO_f_ebcdic_filter());
if (filter == NULL)
goto err;
io = BIO_push(filter, io);
#endif
if (s_debug) {
@ -3414,6 +3447,9 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
int ret = 1;
SSL *con;
BIO *io, *ssl_bio, *sbio;
#ifdef CHARSET_EBCDIC
BIO *filter;
#endif
/* as we use BIO_gets(), and it always null terminates data, we need
* to allocate 1 byte longer buffer to fit the full 2^14 byte record */
@ -3443,6 +3479,12 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
}
sbio = BIO_new_socket(s, BIO_NOCLOSE);
if (sbio == NULL) {
SSL_free(con);
ERR_print_errors(bio_err);
goto err;
}
SSL_set_bio(con, sbio, sbio);
SSL_set_accept_state(con);
@ -3451,7 +3493,11 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
BIO_push(io, ssl_bio);
ssl_bio = NULL;
#ifdef CHARSET_EBCDIC
io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
filter = BIO_new(BIO_f_ebcdic_filter());
if (filter == NULL)
goto err;
io = BIO_push(filter, io);
#endif
if (s_debug) {