From 34294a65b29b19ed3699f7cdd7ff98bdf02b1d48 Mon Sep 17 00:00:00 2001
From: x2018 <xkernel.wang@foxmail.com>
Date: Wed, 1 Dec 2021 11:20:33 +0800
Subject: openssl: check the return value of BIO_new()

Closes #8078
---
 lib/vtls/openssl.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 237f49878..94bfb57e7 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3570,6 +3570,9 @@ static CURLcode get_cert_chain(struct Curl_easy *data,
   }
 
   mem = BIO_new(BIO_s_mem());
+  if(!mem) {
+    return CURLE_OUT_OF_MEMORY;
+  }
 
   for(i = 0; i < (int)numcerts; i++) {
     ASN1_INTEGER *num;
@@ -3866,6 +3869,15 @@ static CURLcode servercert(struct Curl_easy *data,
   BIO *mem = BIO_new(BIO_s_mem());
   struct ssl_backend_data *backend = connssl->backend;
 
+  if(!mem) {
+    failf(data,
+          "BIO_new return NULL, " OSSL_PACKAGE
+          " error %s",
+          ossl_strerror(ERR_get_error(), error_buffer,
+                        sizeof(error_buffer)) );
+    return CURLE_OUT_OF_MEMORY;
+  }
+
   if(data->set.ssl.certinfo)
     /* we've been asked to gather certificate info! */
     (void)get_cert_chain(data, connssl);
-- 
cgit v1.2.1