NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commit9dc8580

committed

Avoid potential pfree on NULL on OpenSSL errors

Guard against the pointer being NULL before pfreeing upon an errorreturned from OpenSSL. Also handle errors from X509_NAME_print_exwhich also can return -1 on memory allocation errors.Backpatch down to v15 where the code was added.Author: Sergey Shinderuk <s.shinderuk@postgrespro.ru>Discussion:https://postgr.es/m/8db5374d-32e0-6abb-d402-40762511eff2@postgrespro.ruBackpatch-through: v15

1 parent77dc816 commit9dc8580Copy full SHA for 9dc8580

File tree

1 file changed

+17

-8

lines changed

src/backend/libpq
- be-secure-openssl.c

1 file changed

+17

-8

lines changed

`‎src/backend/libpq/be-secure-openssl.c‎`

Lines changed: 17 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -615,8 +615,11 @@ be_tls_open_server(Port *port)`
`615`	`615`	`bio=BIO_new(BIO_s_mem());`
`616`	`616`	`if (!bio)`
`617`	`617`	`{`
`618`		`-pfree(port->peer_cn);`
`619`		`-port->peer_cn=NULL;`
	`618`	`+if (port->peer_cn!=NULL)`
	`619`	`+{`
	`620`	`+pfree(port->peer_cn);`
	`621`	`+port->peer_cn=NULL;`
	`622`	`+}`
`620`	`623`	`return-1;`
`621`	`624`	`}`
`622`	`625`
`@@ -627,12 +630,15 @@ be_tls_open_server(Port *port)`
`627`	`630`	`* which make regular expression matching a bit easier. Also note that`
`628`	`631`	`* it prints the Subject fields in reverse order.`
`629`	`632`	`*/`
`630`		`-X509_NAME_print_ex(bio,x509name,0,XN_FLAG_RFC2253);`
`631`		`-if (BIO_get_mem_ptr(bio,&bio_buf) <=0)`
	`633`	`+if (X509_NAME_print_ex(bio,x509name,0,XN_FLAG_RFC2253)==-1\|\|`
	`634`	`+BIO_get_mem_ptr(bio,&bio_buf) <=0)`
`632`	`635`	`{`
`633`	`636`	`BIO_free(bio);`
`634`		`-pfree(port->peer_cn);`
`635`		`-port->peer_cn=NULL;`
	`637`	`+if (port->peer_cn!=NULL)`
	`638`	`+{`
	`639`	`+pfree(port->peer_cn);`
	`640`	`+port->peer_cn=NULL;`
	`641`	`+}`
`636`	`642`	`return-1;`
`637`	`643`	`}`
`638`	`644`	`peer_dn=MemoryContextAlloc(TopMemoryContext,bio_buf->length+1);`
`@@ -646,8 +652,11 @@ be_tls_open_server(Port *port)`
`646`	`652`	`(errcode(ERRCODE_PROTOCOL_VIOLATION),`
`647`	`653`	`errmsg("SSL certificate's distinguished name contains embedded null")));`
`648`	`654`	`pfree(peer_dn);`
`649`		`-pfree(port->peer_cn);`
`650`		`-port->peer_cn=NULL;`
	`655`	`+if (port->peer_cn!=NULL)`
	`656`	`+{`
	`657`	`+pfree(port->peer_cn);`
	`658`	`+port->peer_cn=NULL;`
	`659`	`+}`
`651`	`660`	`return-1;`
`652`	`661`	`}`
`653`	`662`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit9dc8580

File tree

1 file changed

1 file changed

`‎src/backend/libpq/be-secure-openssl.c‎`

0 commit comments