diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2017-03-13 23:08:54 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2017-03-13 23:08:54 +0900 |
commit | 33a6eead76510d020903d52670d0809dbcd8a21c (patch) | |
tree | fa9e8c204b9892703d04549abbbeb8a14ad8a593 | |
parent | 8184a8cb491a503b9b7dbf14e56c93bc921fd3c5 (diff) | |
download | ruby-openssl-wip-topic/check-memory-alloc-failures.tar.gz |
Check return value of CRYPTO_set_ex_data()wip-topic/check-memory-alloc-failures
It may fail on the first call due to memory allocation failure.
-rw-r--r-- | ext/openssl/ossl_ssl.c | 12 | ||||
-rw-r--r-- | ext/openssl/ossl_x509store.c | 8 |
2 files changed, 13 insertions, 7 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index d3282037..49b50bc1 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -127,7 +127,8 @@ ossl_sslctx_s_alloc(VALUE klass) } SSL_CTX_set_mode(ctx, mode); RTYPEDDATA_DATA(obj) = ctx; - SSL_CTX_set_ex_data(ctx, ossl_sslctx_ex_ptr_idx, (void *)obj); + if (!SSL_CTX_set_ex_data(ctx, ossl_sslctx_ex_ptr_idx, (void *)obj)) + ossl_raise(eSSLError, "SSL_CTX_set_ex_data"); #if !defined(OPENSSL_NO_EC) && defined(HAVE_SSL_CTX_SET_ECDH_AUTO) /* We use SSL_CTX_set1_curves_list() to specify the curve used in ECDH. It @@ -803,7 +804,8 @@ ossl_sslctx_setup(VALUE self) * X509_STORE_free() doesn't care it. * So we won't increment it but mark it by ex_data. */ - SSL_CTX_set_ex_data(ctx, ossl_sslctx_ex_store_p, ctx); + if (!SSL_CTX_set_ex_data(ctx, ossl_sslctx_ex_store_p, ctx)) + ossl_raise(eSSLError, "SSL_CTX_set_ex_data"); #else /* Fixed in OpenSSL 1.0.2; bff9ce4db38b (master), 5b4b9ce976fc (1.0.2) */ X509_STORE_up_ref(store); #endif @@ -1441,10 +1443,12 @@ ossl_ssl_initialize(int argc, VALUE *argv, VALUE self) ossl_raise(eSSLError, NULL); RTYPEDDATA_DATA(self) = ssl; - SSL_set_ex_data(ssl, ossl_ssl_ex_ptr_idx, (void *)self); + if (!SSL_set_ex_data(ssl, ossl_ssl_ex_ptr_idx, (void *)self)) + ossl_raise(eSSLError, "SSL_set_ex_data"); SSL_set_info_callback(ssl, ssl_info_cb); verify_cb = rb_attr_get(v_ctx, id_i_verify_callback); - SSL_set_ex_data(ssl, ossl_ssl_ex_vcb_idx, (void *)verify_cb); + if (!SSL_set_ex_data(ssl, ossl_ssl_ex_vcb_idx, (void *)verify_cb)) + ossl_raise(eSSLError, "SSL_set_ex_data"); rb_call_super(0, NULL); diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c index 3ea6ea14..3d8521b4 100644 --- a/ext/openssl/ossl_x509store.c +++ b/ext/openssl/ossl_x509store.c @@ -204,7 +204,8 @@ ossl_x509store_set_vfy_cb(VALUE self, VALUE cb) X509_STORE *store; GetX509Store(self, store); - X509_STORE_set_ex_data(store, store_ex_verify_cb_idx, (void *)cb); + if (!X509_STORE_set_ex_data(store, store_ex_verify_cb_idx, (void *)cb)) + ossl_raise(eX509StoreError, "X509_STORE_set_ex_data"); rb_iv_set(self, "@verify_callback", cb); return cb; @@ -578,8 +579,9 @@ ossl_x509stctx_verify(VALUE self) X509_STORE_CTX *ctx; GetX509StCtx(self, ctx); - X509_STORE_CTX_set_ex_data(ctx, stctx_ex_verify_cb_idx, - (void *)rb_iv_get(self, "@verify_callback")); + if (!X509_STORE_CTX_set_ex_data(ctx, stctx_ex_verify_cb_idx, + (void *)rb_iv_get(self, "@verify_callback"))) + ossl_raise(eX509StoreError, "X509_STORE_CTX_set_ex_data"); switch (X509_verify_cert(ctx)) { case 1: |