Fix an unchecked strdup() in UI_create_method().

author jsing <jsing@openbsd.org>

Fri, 23 Dec 2022 02:27:47 +0000 (02:27 +0000)

committer jsing <jsing@openbsd.org>

Fri, 23 Dec 2022 02:27:47 +0000 (02:27 +0000)
author jsing <jsing@openbsd.org>
Fri, 23 Dec 2022 02:27:47 +0000 (02:27 +0000)
committer jsing <jsing@openbsd.org>
Fri, 23 Dec 2022 02:27:47 +0000 (02:27 +0000)
diff --git a/lib/libcrypto/ui/ui_lib.c b/lib/libcrypto/ui/ui_lib.c

index e36c270..8811bf8 100644 (file)
--- a/lib/libcrypto/ui/ui_lib.c
+++ b/lib/libcrypto/ui/ui_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ui_lib.c,v 1.48 2022/12/23 02:26:16 jsing Exp $ */
+/* $OpenBSD: ui_lib.c,v 1.49 2022/12/23 02:27:47 jsing Exp $ */
  /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
   * project 2001.
   */
@@ -561,16 +561,25 @@ UI_set_method(UI *ui, const UI_METHOD *meth)
  }
  LCRYPTO_ALIAS(UI_set_method)
  
-
  UI_METHOD *
  UI_create_method(const char *name)
  {
-       UI_METHOD *ui_method = calloc(1, sizeof(UI_METHOD));
+       UI_METHOD *method = NULL;
+
+       if ((method = calloc(1, sizeof(UI_METHOD))) == NULL)
+               goto err;
  
-       if (ui_method && name)
-               ui_method->name = strdup(name);
+       if (name != NULL) {
+               if ((method->name = strdup(name)) == NULL)
+                       goto err;
+       }
  
-       return ui_method;
+       return method;
+
+ err:
+       UI_destroy_method(method);
+
+       return NULL;
  }
  LCRYPTO_ALIAS(UI_create_method)
author	jsing <jsing@openbsd.org>
	Fri, 23 Dec 2022 02:27:47 +0000 (02:27 +0000)
committer	jsing <jsing@openbsd.org>
	Fri, 23 Dec 2022 02:27:47 +0000 (02:27 +0000)