diff options
author | Tobias Nießen <tniessen@tnie.de> | 2022-09-01 15:59:43 +0300 |
---|---|---|
committer | RafaelGSS <rafael.nunu@hotmail.com> | 2022-09-07 15:20:52 +0300 |
commit | 125ab7da2aa00c37a379f0156c1ed78a79481021 (patch) | |
tree | 2d14a22f0246c395b7a68ca4240cf9aa38226920 /src | |
parent | aa34f7347b8b23f8715a42da7cdc1d83099352f7 (diff) |
src: improve error handling in CloneSSLCerts
If sk_X509_new() returns NULL or if sk_X509_push() fails, return instead
of silently ignoring the error.
PR-URL: https://github.com/nodejs/node/pull/44410
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/crypto/crypto_common.cc | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/crypto/crypto_common.cc b/src/crypto/crypto_common.cc index e47044be506..3bf480f8f0c 100644 --- a/src/crypto/crypto_common.cc +++ b/src/crypto/crypto_common.cc @@ -323,8 +323,9 @@ constexpr auto GetCipherVersion = GetCipherValue<SSL_CIPHER_get_version>; StackOfX509 CloneSSLCerts(X509Pointer&& cert, const STACK_OF(X509)* const ssl_certs) { StackOfX509 peer_certs(sk_X509_new(nullptr)); - if (cert) - sk_X509_push(peer_certs.get(), cert.release()); + if (!peer_certs) return StackOfX509(); + if (cert && !sk_X509_push(peer_certs.get(), cert.release())) + return StackOfX509(); for (int i = 0; i < sk_X509_num(ssl_certs); i++) { X509Pointer cert(X509_dup(sk_X509_value(ssl_certs, i))); if (!cert || !sk_X509_push(peer_certs.get(), cert.get())) |