commit ea77fd832ae0b4dee545e2870bb289d96b14c9bb
author Ziga Seilnacht <ziga.seilnacht@gmail.com> Mon Aug 31 21:33:58 2009 +0200
committer Ziga Seilnacht <ziga.seilnacht@gmail.com> Mon Aug 31 21:33:58 2009 +0200
tree 7670b9eb73a869e40a5bfba383368d3e7e82cb1b
parent 6079e37b76a0039419d03daba9829c57b2541f60

Add missing error checks found during code reading.

Most of these error conditions can only happen in low memory situations,
so there is no sane way to test them.

src/crypto/x509name.c

diff --git a/src/crypto/x509name.c b/src/crypto/x509name.c
index 3418d91..77046fb 100644
--- a/src/crypto/x509name.c
+++ b/src/crypto/x509name.c
@@ -55,12 +55,22 @@
 crypto_X509Name_new(PyTypeObject *subtype, PyObject *args, PyObject *kwargs)
 {
     crypto_X509NameObj *name;
+    X509_NAME *sslname;
+    PyObject *newname;
 
     if (!PyArg_ParseTuple(args, "O!:X509Name", &crypto_X509Name_Type, &name)) {
         return NULL;
     }
-
-    return (PyObject *)crypto_X509Name_New(X509_NAME_dup(name->x509_name), 1);
+    sslname = X509_NAME_dup(name->x509_name);
+    if (sslname == NULL) {
+        exception_from_error_queue(crypto_Error);
+        return NULL;
+    }
+    newname = (PyObject *)crypto_X509Name_New(sslname, 1);
+    if (newname == NULL) {
+        X509_NAME_free(sslname);
+    }
+    return newname;
 }
 
 

src/ssl/connection.c

diff --git a/src/ssl/connection.c b/src/ssl/connection.c
index e10989b..5d6d008 100755
--- a/src/ssl/connection.c
+++ b/src/ssl/connection.c
@@ -819,10 +819,21 @@
         return NULL;
 
     lst = PyList_New(0);
+    if (lst == NULL) {
+        return NULL;
+    }
     while ((ret = SSL_get_cipher_list(self->ssl, idx)) != NULL)
     {
         item = PyString_FromString(ret);
-        PyList_Append(lst, item);
+        if (item == NULL) {
+            Py_DECREF(lst);
+            return NULL;
+        }
+        if (PyList_Append(lst, item)) {
+            Py_DECREF(lst);
+            Py_DECREF(item);
+            return NULL;
+        }
         Py_DECREF(item);
         idx++;
     }

src/util.c

diff --git a/src/util.c b/src/util.c
index ae6ee5e..0ad93e3 100644
--- a/src/util.c
+++ b/src/util.c
@@ -22,26 +22,40 @@
 PyObject *
 error_queue_to_list(void) {
     PyObject *errlist, *tuple;
+    int failed;
     long err;
 
     errlist = PyList_New(0);
-
+    if (errlist == NULL) {
+        return NULL;
+    }
     while ((err = ERR_get_error()) != 0) {
-	tuple = Py_BuildValue("(sss)", ERR_lib_error_string(err),
-		                       ERR_func_error_string(err),
-				       ERR_reason_error_string(err));
-        PyList_Append(errlist, tuple);
+        tuple = Py_BuildValue("(sss)", ERR_lib_error_string(err),
+                                       ERR_func_error_string(err),
+                                       ERR_reason_error_string(err));
+        if (tuple == NULL) {
+            Py_DECREF(errlist);
+            return NULL;
+        }
+        failed = PyList_Append(errlist, tuple);
         Py_DECREF(tuple);
+        if (failed) {
+            Py_DECREF(errlist);
+            return NULL;
+        }
     }
 
     return errlist;
 }
 
-void exception_from_error_queue(PyObject *the_Error) { 
+void exception_from_error_queue(PyObject *the_Error) {
     PyObject *errlist = error_queue_to_list();
-    PyErr_SetObject(the_Error, errlist);
-    Py_DECREF(errlist);
-} 
+
+    if (errlist != NULL) {
+        PyErr_SetObject(the_Error, errlist);
+        Py_DECREF(errlist);
+    }
+}
 
 /*
  * Flush OpenSSL's error queue and ignore the result
@@ -57,5 +71,5 @@
      * very nasty things if we just invoked it with error_queue_to_list().
      */
     PyObject *list = error_queue_to_list();
-    Py_DECREF(list);
+    Py_XDECREF(list);
 }