- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the

allocation of the memory BIO was not being properly checked.

- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
f4e8c406 · Daniel Stenberg · 12bfcb50 · f4e8c406 · f4e8c406 · f4e8c406
Commit f4e8c406 authored 16 years ago by Daniel Stenberg
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,9 @@
                                  Changelog

 Daniel Stenberg (8 Mar 2009)
+- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
+  allocation of the memory BIO was not being properly checked.
+
 - Andre Guibert de Bruet fixed the gnutls-using code: There are a few places
  in the gnutls code where we were checking for negative values for errors,
  when the man pages state that GNUTLS_E_SUCCESS is returned on success and

--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -16,6 +16,7 @@ This release includes the following bugfixes:

 o NTLM authentication memory leak on SSPI enabled Windows builds
 o fixed the GnuTLS-using code to do correct return code checks
+ o an alloc-related call in the OpenSSL-using code didn't check the return value

 This release includes the following known bugs:


--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -565,6 +565,9 @@ static int x509_name_oneline(X509_NAME *a, char *buf, size_t size)
  BUF_MEM *biomem;
  int rc;

+  if(!bio_out)
+    return 1; /* alloc failed! */
+
  rc = X509_NAME_print_ex(bio_out, a, 0, XN_FLAG_SEP_CPLUS_SPC);
  BIO_get_mem_ptr(bio_out, &biomem);