add a check for the return of sk_SRP_gN_new_null() so that capture the potential memory error in time

Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19435)
author: xkernel <xkernel.wang@foxmail.com> 2022-10-19 00:54:26 +0800
committer: Pauli <pauli@openssl.org> 2022-10-20 19:04:44 +1100
commit: f44d32fdfbd2a249dae74dc24478f31fca69d288 (patch)
tree: 5ba87ecea91d28e5cf9596d8773d51fa6297a0be
parent: fdc5043d58900663b493147298e64f11353b35fe (diff)
download: openssl-new-f44d32fdfbd2a249dae74dc24478f31fca69d288.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c
index b490845e22..72ef5e814e 100644
--- a/crypto/srp/srp_vfy.c
+++ b/crypto/srp/srp_vfy.c
@@ -391,7 +391,7 @@ static BIGNUM *SRP_gN_place_bn(STACK_OF(SRP_gN_cache) *gN_cache, char *ch)
 
 int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
 {
-    int error_code;
+    int error_code = SRP_ERR_MEMORY;
     STACK_OF(SRP_gN) *SRP_gN_tab = sk_SRP_gN_new_null();
     char *last_index = NULL;
     int i;
@@ -403,6 +403,9 @@ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
     TXT_DB *tmpdb = NULL;
     BIO *in = BIO_new(BIO_s_file());
 
+    if (SRP_gN_tab == NULL)
+        goto err;
+
     error_code = SRP_ERR_OPEN_FILE;
 
     if (in == NULL || BIO_read_filename(in, verifier_file) <= 0)
author	xkernel <xkernel.wang@foxmail.com>	2022-10-19 00:54:26 +0800
committer	Pauli <pauli@openssl.org>	2022-10-20 19:04:44 +1100
commit	f44d32fdfbd2a249dae74dc24478f31fca69d288 (patch)
tree	5ba87ecea91d28e5cf9596d8773d51fa6297a0be
parent	fdc5043d58900663b493147298e64f11353b35fe (diff)
download	openssl-new-f44d32fdfbd2a249dae74dc24478f31fca69d288.tar.gz