Add stack space reservations.
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4386)
This commit is contained in:
Pauli
parent
1b3e2bbf64
commit
e431363f8c
4 changed files with 18 additions and 7 deletions
|
|
@ -342,6 +342,8 @@ int ASYNC_init_thread(size_t max_size, size_t init_size)
|
||||||
OPENSSL_free(pool);
|
OPENSSL_free(pool);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
if (!sk_ASYNC_JOB_reserve(pool->jobs, init_size))
|
||||||
|
goto err;
|
||||||
|
|
||||||
pool->max_size = max_size;
|
pool->max_size = max_size;
|
||||||
|
|
||||||
|
|
@ -358,7 +360,7 @@ int ASYNC_init_thread(size_t max_size, size_t init_size)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
job->funcargs = NULL;
|
job->funcargs = NULL;
|
||||||
sk_ASYNC_JOB_push(pool->jobs, job);
|
sk_ASYNC_JOB_push(pool->jobs, job); /* Cannot fail due to reserve */
|
||||||
curr_size++;
|
curr_size++;
|
||||||
}
|
}
|
||||||
pool->curr_size = curr_size;
|
pool->curr_size = curr_size;
|
||||||
|
|
|
||||||
|
|
@ -107,20 +107,23 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
|
||||||
CONF_VALUE *cnf, ctmp;
|
CONF_VALUE *cnf, ctmp;
|
||||||
ACCESS_DESCRIPTION *acc;
|
ACCESS_DESCRIPTION *acc;
|
||||||
int i, objlen;
|
int i, objlen;
|
||||||
|
const int num = sk_CONF_VALUE_num(nval);
|
||||||
char *objtmp, *ptmp;
|
char *objtmp, *ptmp;
|
||||||
|
|
||||||
if ((ainfo = sk_ACCESS_DESCRIPTION_new_null()) == NULL) {
|
if ((ainfo = sk_ACCESS_DESCRIPTION_new_null()) == NULL) {
|
||||||
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE);
|
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
if (!sk_ACCESS_DESCRIPTION_reserve(ainfo, num))
|
||||||
|
goto err;
|
||||||
|
for (i = 0; i < num; i++) {
|
||||||
cnf = sk_CONF_VALUE_value(nval, i);
|
cnf = sk_CONF_VALUE_value(nval, i);
|
||||||
if ((acc = ACCESS_DESCRIPTION_new()) == NULL
|
if ((acc = ACCESS_DESCRIPTION_new()) == NULL) {
|
||||||
|| !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
|
|
||||||
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
|
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
|
||||||
ERR_R_MALLOC_FAILURE);
|
ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
sk_ACCESS_DESCRIPTION_push(ainfo, acc); /* Cannot fail due to reserve */
|
||||||
ptmp = strchr(cnf->name, ';');
|
ptmp = strchr(cnf->name, ';');
|
||||||
if (!ptmp) {
|
if (!ptmp) {
|
||||||
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
|
X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
|
||||||
|
|
|
||||||
|
|
@ -460,6 +460,7 @@ static void set0_CA_list(STACK_OF(X509_NAME) **ca_list,
|
||||||
STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk)
|
STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
const int num = sk_X509_NAME_num(sk);
|
||||||
STACK_OF(X509_NAME) *ret;
|
STACK_OF(X509_NAME) *ret;
|
||||||
X509_NAME *name;
|
X509_NAME *name;
|
||||||
|
|
||||||
|
|
@ -468,13 +469,16 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk)
|
||||||
SSLerr(SSL_F_SSL_DUP_CA_LIST, ERR_R_MALLOC_FAILURE);
|
SSLerr(SSL_F_SSL_DUP_CA_LIST, ERR_R_MALLOC_FAILURE);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
for (i = 0; i < sk_X509_NAME_num(sk); i++) {
|
if (!sk_X509_NAME_reserve(ret, num))
|
||||||
|
return NULL;
|
||||||
|
for (i = 0; i < num; i++) {
|
||||||
name = X509_NAME_dup(sk_X509_NAME_value(sk, i));
|
name = X509_NAME_dup(sk_X509_NAME_value(sk, i));
|
||||||
if (name == NULL || !sk_X509_NAME_push(ret, name)) {
|
if (name == NULL) {
|
||||||
sk_X509_NAME_pop_free(ret, X509_NAME_free);
|
sk_X509_NAME_pop_free(ret, X509_NAME_free);
|
||||||
X509_NAME_free(name);
|
X509_NAME_free(name);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
sk_X509_NAME_push(ret, name); /* Cannot fail after reserve call */
|
||||||
}
|
}
|
||||||
return (ret);
|
return (ret);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -161,6 +161,7 @@ static int ssl_dane_dup(SSL *to, SSL *from)
|
||||||
if (!DANETLS_ENABLED(&from->dane))
|
if (!DANETLS_ENABLED(&from->dane))
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
|
num = sk_danetls_record_num(from->dane.trecs);
|
||||||
dane_final(&to->dane);
|
dane_final(&to->dane);
|
||||||
to->dane.flags = from->dane.flags;
|
to->dane.flags = from->dane.flags;
|
||||||
to->dane.dctx = &to->ctx->dane;
|
to->dane.dctx = &to->ctx->dane;
|
||||||
|
|
@ -170,8 +171,9 @@ static int ssl_dane_dup(SSL *to, SSL *from)
|
||||||
SSLerr(SSL_F_SSL_DANE_DUP, ERR_R_MALLOC_FAILURE);
|
SSLerr(SSL_F_SSL_DANE_DUP, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
if (!sk_danetls_record_reserve(to->dane.trecs, num))
|
||||||
|
return 0;
|
||||||
|
|
||||||
num = sk_danetls_record_num(from->dane.trecs);
|
|
||||||
for (i = 0; i < num; ++i) {
|
for (i = 0; i < num; ++i) {
|
||||||
danetls_record *t = sk_danetls_record_value(from->dane.trecs, i);
|
danetls_record *t = sk_danetls_record_value(from->dane.trecs, i);
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue