From f278551232d3f3000ee1c6e2116eae4b40f3e5f4 Mon Sep 17 00:00:00 2001
From: Remi Tricot-Le Breton
Date: Wed, 16 Feb 2022 14:42:22 +0100
Subject: [PATCH] BUG/MINOR: ssl: Add missing return value check in ssl_ocsp_response_print

The b_istput function called to append the last data block to the end of an OCSP response's detailed output was not checked in ssl_ocsp_response_print. The ssl_ocsp_response_print return value checks were added as well since some of them were missing.

This error was raised by Coverity (CID 1469513).

This patch fixes GitHub issue #1541.

It can be backported to 2.5.

(cherry picked from commit a9a591ab3dcf316e30506ec79eb9c255d2b2106c)
Signed-off-by: William Lallemand
---
 src/ssl_ckch.c | 6 ++++--
 src/ssl_sock.c | 10 +++++++---
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 192ad6c..8433710 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -1618,7 +1618,8 @@ static int cli_io_handler_show_cert_ocsp_detail(struct appctx *appctx) * Otherwise, we must rebuild the certificate's certid in order to * look for the current OCSP response in the tree. */
 if (from_transaction && ckchs->ckch->ocsp_response) {
- ssl_ocsp_response_print(ckchs->ckch->ocsp_response, out);
+ if (ssl_ocsp_response_print(ckchs->ckch->ocsp_response, out))
+ goto end_no_putchk;
 }
 else {
 unsigned char key[OCSP_MAX_CERTID_ASN1_LENGTH] = {};
@@ -1627,7 +1628,8 @@ static int cli_io_handler_show_cert_ocsp_detail(struct appctx *appctx)
 if (ckch_store_build_certid(ckchs, (unsigned char*)key, &key_length) < 0)
 goto end_no_putchk;
 
- ssl_get_ocspresponse_detail(key, out);
+ if (ssl_get_ocspresponse_detail(key, out))
+ goto end_no_putchk;
 }
 
 if (ci_putchk(si_ic(si), out) == -1) {
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index be9104c..0fb5761 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
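Review bot: A non-zero return from `ssl_ocsp_response_print` (and, in the next hunk of this file, from `ssl_get_ocspresponse_detail`) now jumps straight to `end_no_putchk`, which by its name skips the `ci_putchk` call, so the CLI client receives an empty reply and cannot distinguish "no OCSP response stored for this certificate" from a parse failure or a too-small output buffer. If `ssl_ocsp_response_print` appends a diagnostic to `out` before failing (its body is outside this hunk), that text is discarded as well. Consider telling the client what happened before ending, e.g. `chunk_appendf(out, "Unable to display the OCSP response\n");` and then falling through to the existing `ci_putchk`, or returning a CLI error instead of a silent end. The enclosing function, the `end_no_putchk` label and whatever it frees are outside the hunk.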
@@ -7362,6 +7362,7 @@ int ssl_ocsp_response_print(struct buffer *ocsp_response, struct buffer *out)
 int write = -1;
 OCSP_RESPONSE *resp;
 const unsigned char *p;
+ int retval = -1;
 
 if (!ocsp_response)
 return -1;
@@ -7414,13 +7415,13 @@ int ssl_ocsp_response_print(struct buffer *ocsp_response, struct buffer *out)
 ist_double_lf = istist(ist_block, double_lf);
 }
 
- b_istput(out, ist_block);
+ retval = (b_istput(out, ist_block) <= 0);
 }
 
 if (bio)
 BIO_free(bio);
 
- return 0;
+ return retval;
 }
 
 /*
@@ -7451,7 +7452,10 @@ static int cli_io_handler_show_ocspresponse_detail(struct appctx *appctx)
 if (trash == NULL)
 return 1;
 
- ssl_ocsp_response_print(&ocsp->response, trash);
+ if (ssl_ocsp_response_print(&ocsp->response, trash)) {
+ free_trash_chunk(trash);
+ return 1;
+ }
 
 if (ci_putchk(si_ic(si), trash) == -1) {
 si_rx_room_blk(si);
-- 
1.7.10.4
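Review bot: `retval` is only ever assigned by the final `b_istput` in the second hunk, so every path that leaves the function before reaching it — including any branch between the two hunks that is simply not taken — now returns -1 where the function used to return 0; if one of those paths writes a diagnostic into `out` (the body between the hunks is not visible here), the callers patched in this commit will free the buffer instead of showing it, which is a behaviour change the commit message does not mention. The `b_istput` calls inside the while loop just above this hunk are still unchecked, so a block dropped mid-way for lack of room is still reported as success whenever the last block happens to fit; apply the same `<= 0` test to each append in that loop and stop on the first failure so `retval` reflects the whole output. The failure value is also inconsistent: `(b_istput(...) <= 0)` yields 1 while the early exits return -1, so `retval = (b_istput(out, ist_block) <= 0) ? -1 : 0;` would keep a single convention for callers. `ssl_ocsp_response_print` starts and ends outside this hunk.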