diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2009-03-08 22:56:55 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2009-03-08 22:56:55 +0000 |
| commit | f4e8c406bbb279eb8d96576475c808c2c769c687 (patch) | |
| tree | 888a8570dd5e33a9830a51049e9a1d1a5201899e | |
| parent | 12bfcb501c82f7a0911a8ee92b5e8143225ce207 (diff) | |
- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
allocation of the memory BIO was not being properly checked.
| -rw-r--r-- | CHANGES | 3 | ||||
| -rw-r--r-- | RELEASE-NOTES | 1 | ||||
| -rw-r--r-- | lib/ssluse.c | 3 |
3 files changed, 7 insertions, 0 deletions
@@ -7,6 +7,9 @@ Changelog Daniel Stenberg (8 Mar 2009) +- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the + allocation of the memory BIO was not being properly checked. + - Andre Guibert de Bruet fixed the gnutls-using code: There are a few places in the gnutls code where we were checking for negative values for errors, when the man pages state that GNUTLS_E_SUCCESS is returned on success and diff --git a/RELEASE-NOTES b/RELEASE-NOTES index f0fbefacd..3dbc5bece 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -16,6 +16,7 @@ This release includes the following bugfixes: o NTLM authentication memory leak on SSPI enabled Windows builds o fixed the GnuTLS-using code to do correct return code checks + o an alloc-related call in the OpenSSL-using code didn't check the return value This release includes the following known bugs: diff --git a/lib/ssluse.c b/lib/ssluse.c index cb2a2163d..eb645d5e7 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -565,6 +565,9 @@ static int x509_name_oneline(X509_NAME *a, char *buf, size_t size) BUF_MEM *biomem; int rc; + if(!bio_out) + return 1; /* alloc failed! */ + rc = X509_NAME_print_ex(bio_out, a, 0, XN_FLAG_SEP_CPLUS_SPC); BIO_get_mem_ptr(bio_out, &biomem); |