From 80a8ebde0fa1eb4f086ea730ed7ce2f5f1a25b40 Mon Sep 17 00:00:00 2001 From: Giovanni Bechis Date: Tue, 6 Jun 2023 22:25:41 +0000 Subject: [PATCH] check BIO_read return values submitted by Jiasheng Jiang bz #65922 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1910268 13f79535-47bb-0310-9956-ffa450edef68 --- modules/ssl/ssl_util_ssl.c | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/modules/ssl/ssl_util_ssl.c b/modules/ssl/ssl_util_ssl.c index a6e3a9d3c6..a4c312b7fb 100644 --- a/modules/ssl/ssl_util_ssl.c +++ b/modules/ssl/ssl_util_ssl.c @@ -187,12 +187,16 @@ BOOL modssl_X509_getBC(X509 *cert, int *ca, int *pathlen) char *modssl_bio_free_read(apr_pool_t *p, BIO *bio) { - int len = BIO_pending(bio); + int len = BIO_pending(bio), tmp; char *result = NULL; if (len > 0) { result = apr_palloc(p, len+1); - len = BIO_read(bio, result, len); + tmp = len; + if ((len = BIO_read(bio, result, len)) != tmp) { + BIO_free(bio); + return NULL; + } result[len] = NUL; } BIO_free(bio); @@ -236,7 +240,7 @@ char *modssl_X509_NAME_to_string(apr_pool_t *p, X509_NAME *dn, int maxlen) { char *result = NULL; BIO *bio; - int len; + int len, tmp; if ((bio = BIO_new(BIO_s_mem())) == NULL) return NULL; @@ -245,13 +249,20 @@ char *modssl_X509_NAME_to_string(apr_pool_t *p, X509_NAME *dn, int maxlen) if (len > 0) { result = apr_palloc(p, (maxlen > 0) ? maxlen+1 : len+1); if (maxlen > 0 && maxlen < len) { - len = BIO_read(bio, result, maxlen); + if ((len = BIO_read(bio, result, maxlen)) != maxlen) { + BIO_free(bio); + return NULL; + } if (maxlen > 2) { /* insert trailing ellipsis if there's enough space */ apr_snprintf(result + maxlen - 3, 4, "..."); } } else { - len = BIO_read(bio, result, len); + tmp = len; + if ((len = BIO_read(bio, result, len)) != tmp) { + BIO_free(bio); + return NULL; + } } result[len] = NUL; }