diff options
author | David Benjamin <davidben@google.com> | 2016-09-27 08:28:35 +0300 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2016-09-27 16:27:06 +0300 |
commit | 5ab45960704cffa1dfdefc53c4be8b4aca6466e3 (patch) | |
tree | c99f65c126a942b4a026d004237f93cbae4ed146 | |
parent | 1eeb0b00baa6f67f223bacd4b74cfade4d424950 (diff) |
Fix ssl_ctx_make_profiles error handling.
It didn't clean up |profiles| on error or check for
sk_SRTP_PROTECTION_PROFILE_push failures.
Change-Id: I44d7f64896ad73347fbb0fc79752be4de70d3ab7
Reviewed-on: https://boringssl-review.googlesource.com/11323
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
-rw-r--r-- | ssl/d1_srtp.c | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c index 324bff77..10853777 100644 --- a/ssl/d1_srtp.c +++ b/ssl/d1_srtp.c @@ -160,27 +160,27 @@ static int find_profile_by_name(const char *profile_name, static int ssl_ctx_make_profiles(const char *profiles_string, STACK_OF(SRTP_PROTECTION_PROFILE) **out) { - STACK_OF(SRTP_PROTECTION_PROFILE) *profiles; - - const char *col; - const char *ptr = profiles_string; - - profiles = sk_SRTP_PROTECTION_PROFILE_new_null(); + STACK_OF(SRTP_PROTECTION_PROFILE) *profiles = + sk_SRTP_PROTECTION_PROFILE_new_null(); if (profiles == NULL) { OPENSSL_PUT_ERROR(SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); return 0; } + const char *col; + const char *ptr = profiles_string; do { - const SRTP_PROTECTION_PROFILE *p; - col = strchr(ptr, ':'); - if (find_profile_by_name(ptr, &p, - col ? (size_t)(col - ptr) : strlen(ptr))) { - sk_SRTP_PROTECTION_PROFILE_push(profiles, p); - } else { + + const SRTP_PROTECTION_PROFILE *profile; + if (!find_profile_by_name(ptr, &profile, + col ? (size_t)(col - ptr) : strlen(ptr))) { OPENSSL_PUT_ERROR(SSL, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); - return 0; + goto err; + } + + if (!sk_SRTP_PROTECTION_PROFILE_push(profiles, profile)) { + goto err; } if (col) { @@ -190,8 +190,11 @@ static int ssl_ctx_make_profiles(const char *profiles_string, sk_SRTP_PROTECTION_PROFILE_free(*out); *out = profiles; - return 1; + +err: + sk_SRTP_PROTECTION_PROFILE_free(profiles); + return 0; } int SSL_CTX_set_srtp_profiles(SSL_CTX *ctx, const char *profiles) { |