blob: afd87baea87f23507507763391a05655e159f6d8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
From a8da305fa3dd6e34ba5aab3978281f652fd12883 Mon Sep 17 00:00:00 2001
From: yangyangtiantianlonglong <yangtianlong1224@163.com>
Date: Mon, 31 Jul 2023 07:04:41 -0700
Subject: [PATCH] A null pointer dereference occurs when memory allocation
fails
Fixes #21605
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21606)
---
ssl/ssl_sess.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index cda6b7cc5b..2a5d21be79 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -139,8 +139,11 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
dest->references = 1;
dest->lock = CRYPTO_THREAD_lock_new();
- if (dest->lock == NULL)
+ if (dest->lock == NULL) {
+ OPENSSL_free(dest);
+ dest = NULL;
goto err;
+ }
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))
goto err;
--
2.27.0
|
