dh_exch.c: Add check for OPENSSL_strdup

Since the OPENSSL_strdup() may return NULL if allocation fails, it should be better to check the return value. Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #17651)
openssl · Feb 14, 2022 · c920020 · c920020
1 parent 7585073
commit c920020
Showing 1 changed file with 16 additions and 4 deletions.
diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c
@@ -292,7 +292,12 @@ static void *dh_dupctx(void *vpdhctx)
         if (dstctx->kdf_ukm == NULL)
             goto err;
     }
-    dstctx->kdf_cekalg = OPENSSL_strdup(srcctx->kdf_cekalg);
+
+    if (srcctx->kdf_cekalg != NULL) {
+        dstctx->kdf_cekalg = OPENSSL_strdup(srcctx->kdf_cekalg);
+        if (dstctx->kdf_cekalg == NULL)
+            goto err;
+    }
 
     return dstctx;
 err:
@@ -390,9 +395,16 @@ static int dh_set_ctx_params(void *vpdhctx, const OSSL_PARAM params[])
     p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_CEK_ALG);
     if (p != NULL) {
         str = name;
-        if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name)))
-            return 0;
-        pdhctx->kdf_cekalg = OPENSSL_strdup(name);
+
+        OPENSSL_free(pdhctx->kdf_cekalg);
+        pdhctx->kdf_cekalg = NULL;
+        if (p->data != NULL && p->data_size != 0) {
+            if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name)))
+                return 0;
+            pdhctx->kdf_cekalg = OPENSSL_strdup(name);
+            if (pdhctx->kdf_cekalg == NULL)
+                return 0;
+        }
     }
     return 1;
 }