diff options
| author | Miod Vallat <miod@cvs.openbsd.org> | 2014-05-26 20:54:07 +0000 |
|---|---|---|
| committer | Miod Vallat <miod@cvs.openbsd.org> | 2014-05-26 20:54:07 +0000 |
| commit | 4f279cab0dcda8396f89af5822223b4395b203bc (patch) | |
| tree | 08d36d1cbee4efc386eeb6316cf26b442919d261 /lib/libssl/t1_lib.c | |
| parent | b6223b745876d320937ce4dea659d07869c8577b (diff) | |
Replace the following logic:
if (nothing to allocate)
ptr = malloc(1)
else {
if ((ptr = malloc(size to allocate))
memcpy(ptr, data to copy, size to allocate)
}
if (ptr == NULL)
OMG ERROR
with a saner logic where the NULL pointer check if moved to the actual
malloc branch, so that we do not need to malloc a single byte, just to avoid
having a NULL pointer.
Whoever thought allocating a single byte was a smart idea was obviously
not taking his meds.
ok beck@ guenther@
Diffstat (limited to 'lib/libssl/t1_lib.c')
| -rw-r--r-- | lib/libssl/t1_lib.c | 65 |
1 files changed, 39 insertions, 26 deletions
diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c index 99298c1791c..c45708bf78d 100644 --- a/lib/libssl/t1_lib.c +++ b/lib/libssl/t1_lib.c @@ -1154,12 +1154,15 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */ free(s->s3->client_opaque_prf_input); if (s->s3->client_opaque_prf_input_len == 0) - s->s3->client_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ - else - s->s3->client_opaque_prf_input = BUF_memdup(sdata, s->s3->client_opaque_prf_input_len); - if (s->s3->client_opaque_prf_input == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; + s->s3->client_opaque_prf_input = NULL; + else { + s->s3->client_opaque_prf_input = + BUF_memdup(sdata, + s->s3->client_opaque_prf_input_len); + if (s->s3->client_opaque_prf_input == NULL) { + *al = TLS1_AD_INTERNAL_ERROR; + return 0; + } } } #endif @@ -1458,13 +1461,15 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, if (s->s3->server_opaque_prf_input != NULL) /* shouldn't really happen */ free(s->s3->server_opaque_prf_input); if (s->s3->server_opaque_prf_input_len == 0) - s->s3->server_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ - else - s->s3->server_opaque_prf_input = BUF_memdup(sdata, s->s3->server_opaque_prf_input_len); - - if (s->s3->server_opaque_prf_input == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; + s->s3->server_opaque_prf_input = NULL; + else { + s->s3->server_opaque_prf_input = + BUF_memdup(sdata, + s->s3->server_opaque_prf_input_len); + if (s->s3->server_opaque_prf_input == NULL) { + *al = TLS1_AD_INTERNAL_ERROR; + return 0; + } } } #endif @@ -1639,12 +1644,16 @@ ssl_prepare_clienthello_tlsext(SSL *s) free(s->s3->client_opaque_prf_input); if (s->tlsext_opaque_prf_input_len == 0) - s->s3->client_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ - else - s->s3->client_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len); - if (s->s3->client_opaque_prf_input == NULL) { - SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT, ERR_R_MALLOC_FAILURE); - return -1; + s->s3->client_opaque_prf_input = NULL; + else { + s->s3->client_opaque_prf_input = + BUF_memdup(s->tlsext_opaque_prf_input, + s->tlsext_opaque_prf_input_len); + if (s->s3->client_opaque_prf_input == NULL) { + SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT, + ERR_R_MALLOC_FAILURE); + return -1; + } } s->s3->client_opaque_prf_input_len = s->tlsext_opaque_prf_input_len; } @@ -1740,13 +1749,17 @@ ssl_check_clienthello_tlsext_early(SSL *s) * of the same length as the client opaque PRF input! */ if (s->tlsext_opaque_prf_input_len == 0) - s->s3->server_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ - else - s->s3->server_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len); - if (s->s3->server_opaque_prf_input == NULL) { - ret = SSL_TLSEXT_ERR_ALERT_FATAL; - al = SSL_AD_INTERNAL_ERROR; - goto err; + s->s3->server_opaque_prf_input = NULL; + else { + s->s3->server_opaque_prf_input = + BUF_memdup(s->tlsext_opaque_prf_input, + s->tlsext_opaque_prf_input_len); + if (s->s3->server_opaque_prf_input == + NULL) { + ret = SSL_TLSEXT_ERR_ALERT_FATAL; + al = SSL_AD_INTERNAL_ERROR; + goto err; + } } s->s3->server_opaque_prf_input_len = s->tlsext_opaque_prf_input_len; } |