Commit 6a411436 authored by Dr. Matthias St. Pierre's avatar Dr. Matthias St. Pierre
Browse files

trace: fix out-of-bound memory access 



When OSSL_trace_get_category_num() is called with an unknown category
name, it returns -1. This case needs to be considered in order to
avoid out-of-bound memory access to the `trace_channels` array.

Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8552)
parent 0fda9f7c

crypto/trace.c

+5 −1
Original line number Diff line number Diff line
@@ -431,6 +431,7 @@ int OSSL_trace_enabled(int category) 
    int ret = 0;

#ifndef OPENSSL_NO_TRACE

    category = ossl_trace_get_category(category);

    if (category >= 0)

        ret = trace_channels[category].bio != NULL;

#endif

    return ret;
@@ -443,6 +444,9 @@ BIO *OSSL_trace_begin(int category) 
    char *prefix = NULL;



    category = ossl_trace_get_category(category);

    if (category < 0)

        return NULL;



    channel = trace_channels[category].bio;

    prefix = trace_channels[category].prefix;