diff options
| author | Miod Vallat <miod@cvs.openbsd.org> | 2014-05-26 20:54:07 +0000 |
|---|---|---|
| committer | Miod Vallat <miod@cvs.openbsd.org> | 2014-05-26 20:54:07 +0000 |
| commit | cc0ac600dfde00a69a997d1a1c227203d2cbe7f7 (patch) | |
| tree | 520635d213e6256580dc8539b181133fcdfe84dd | |
| parent | d0e13ed783e880db3d09196c987aa639983a1450 (diff) | |
Replace the following logic:
if (nothing to allocate)
ptr = malloc(1)
else {
if ((ptr = malloc(size to allocate))
memcpy(ptr, data to copy, size to allocate)
}
if (ptr == NULL)
OMG ERROR
with a saner logic where the NULL pointer check if moved to the actual
malloc branch, so that we do not need to malloc a single byte, just to avoid
having a NULL pointer.
Whoever thought allocating a single byte was a smart idea was obviously
not taking his meds.
ok beck@ guenther@
| -rw-r--r-- | lib/libssl/src/ssl/s3_lib.c | 18 | ||||
| -rw-r--r-- | lib/libssl/src/ssl/t1_lib.c | 65 |
2 files changed, 49 insertions, 34 deletions
diff --git a/lib/libssl/src/ssl/s3_lib.c b/lib/libssl/src/ssl/s3_lib.c index 8b67e7c36a3..d8a186040b8 100644 --- a/lib/libssl/src/ssl/s3_lib.c +++ b/lib/libssl/src/ssl/s3_lib.c @@ -2633,16 +2633,18 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) if (s->tlsext_opaque_prf_input != NULL) free(s->tlsext_opaque_prf_input); if ((size_t)larg == 0) { - /* dummy byte just to get non-NULL */ - s->tlsext_opaque_prf_input = malloc(1); - } else + s->tlsext_opaque_prf_input = NULL; + s->tlsext_opaque_prf_input_len = 0; + ret = 1; + } else { s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); - if (s->tlsext_opaque_prf_input != NULL) { - s->tlsext_opaque_prf_input_len = (size_t)larg; - ret = 1; - } else - s->tlsext_opaque_prf_input_len = 0; + if (s->tlsext_opaque_prf_input != NULL) { + s->tlsext_opaque_prf_input_len = (size_t)larg; + ret = 1; + } else + s->tlsext_opaque_prf_input_len = 0; + } break; #endif diff --git a/lib/libssl/src/ssl/t1_lib.c b/lib/libssl/src/ssl/t1_lib.c index 99298c1791c..c45708bf78d 100644 --- a/lib/libssl/src/ssl/t1_lib.c +++ b/lib/libssl/src/ssl/t1_lib.c @@ -1154,12 +1154,15 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */ free(s->s3->client_opaque_prf_input); if (s->s3->client_opaque_prf_input_len == 0) - s->s3->client_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ - else - s->s3->client_opaque_prf_input = BUF_memdup(sdata, s->s3->client_opaque_prf_input_len); - if (s->s3->client_opaque_prf_input == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; + s->s3->client_opaque_prf_input = NULL; + else { + s->s3->client_opaque_prf_input = + BUF_memdup(sdata, + s->s3->client_opaque_prf_input_len); + if (s->s3->client_opaque_prf_input == NULL) { + *al = TLS1_AD_INTERNAL_ERROR; + return 0; + } } } #endif @@ -1458,13 +1461,15 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, if (s->s3->server_opaque_prf_input != NULL) /* shouldn't really happen */ free(s->s3->server_opaque_prf_input); if (s->s3->server_opaque_prf_input_len == 0) - s->s3->server_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ - else - s->s3->server_opaque_prf_input = BUF_memdup(sdata, s->s3->server_opaque_prf_input_len); - - if (s->s3->server_opaque_prf_input == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; + s->s3->server_opaque_prf_input = NULL; + else { + s->s3->server_opaque_prf_input = + BUF_memdup(sdata, + s->s3->server_opaque_prf_input_len); + if (s->s3->server_opaque_prf_input == NULL) { + *al = TLS1_AD_INTERNAL_ERROR; + return 0; + } } } #endif @@ -1639,12 +1644,16 @@ ssl_prepare_clienthello_tlsext(SSL *s) free(s->s3->client_opaque_prf_input); if (s->tlsext_opaque_prf_input_len == 0) - s->s3->client_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ - else - s->s3->client_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len); - if (s->s3->client_opaque_prf_input == NULL) { - SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT, ERR_R_MALLOC_FAILURE); - return -1; + s->s3->client_opaque_prf_input = NULL; + else { + s->s3->client_opaque_prf_input = + BUF_memdup(s->tlsext_opaque_prf_input, + s->tlsext_opaque_prf_input_len); + if (s->s3->client_opaque_prf_input == NULL) { + SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT, + ERR_R_MALLOC_FAILURE); + return -1; + } } s->s3->client_opaque_prf_input_len = s->tlsext_opaque_prf_input_len; } @@ -1740,13 +1749,17 @@ ssl_check_clienthello_tlsext_early(SSL *s) * of the same length as the client opaque PRF input! */ if (s->tlsext_opaque_prf_input_len == 0) - s->s3->server_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ - else - s->s3->server_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len); - if (s->s3->server_opaque_prf_input == NULL) { - ret = SSL_TLSEXT_ERR_ALERT_FATAL; - al = SSL_AD_INTERNAL_ERROR; - goto err; + s->s3->server_opaque_prf_input = NULL; + else { + s->s3->server_opaque_prf_input = + BUF_memdup(s->tlsext_opaque_prf_input, + s->tlsext_opaque_prf_input_len); + if (s->s3->server_opaque_prf_input == + NULL) { + ret = SSL_TLSEXT_ERR_ALERT_FATAL; + al = SSL_AD_INTERNAL_ERROR; + goto err; + } } s->s3->server_opaque_prf_input_len = s->tlsext_opaque_prf_input_len; } |