From 9052ffda912a48bfb0f6aa1555a97e313ee54642 Mon Sep 17 00:00:00 2001
From: Jonas Maebe <jonas.maebe@elis.ugent.be>
Date: Sun, 8 Dec 2013 23:30:09 +0100
Subject: [PATCH] ssl3_get_certificate_request: check for NULL after allocating
 s->cert->ctypes

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
---
 ssl/s3_clnt.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index c5f6ceb5c0..e178fe12ad 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -2145,6 +2145,11 @@ int ssl3_get_certificate_request(SSL *s)
 		{
 		/* If we exceed static buffer copy all to cert structure */
 		s->cert->ctypes = OPENSSL_malloc(ctype_num);
+		if (s->cert->ctypes == NULL)
+			{
+			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
 		memcpy(s->cert->ctypes, p, ctype_num);
 		s->cert->ctype_num = (size_t)ctype_num;
 		ctype_num=SSL3_CT_NUMBER;
-- 
2.40.0