commit 176dbf04b725b1ee53415fb84720935491c6b989
author David Benjamin <davidben@google.com> Thu Apr 28 20:30:03 2016 -0400
committer David Benjamin <davidben@google.com> Fri Apr 29 16:22:05 2016 +0000
tree 303c73012431c9efb54239d8826aaed08a220ee7
parent 3bb5a77205b1ea66fd7ad3d103ff15cb752fe0bd

Check for malloc failure in r2i_certpol.

See upstream's 34b9acbd3f81b46967f692c0af49020c8c405746.

Change-Id: I88d5b3cfbbe87e883323a9e6e1bf85227ed9576e
Reviewed-on: https://boringssl-review.googlesource.com/7811
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>

crypto/x509v3/v3_cpols.c

diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index 4d086ab..d67dcb0 100644
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -190,6 +190,11 @@
                 goto err;
             }
             pol = POLICYINFO_new();
+            if (pol == NULL) {
+                OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
+                ASN1_OBJECT_free(pobj);
+                goto err;
+            }
             pol->policyid = pobj;
         }
         if (!sk_POLICYINFO_push(pols, pol)) {