Dev news

Commit ffb5ca705b for openssl.org

commit ffb5ca705be6bdfdee9834e969d4a43d114fdea6
Author: Jiasheng Jiang <jiashengjiangcool@gmail.com>
Date:   Tue Jul 8 18:44:20 2025 +0000

    test/bio_base64_test.c: Add check for BIO_new()

    Add check for the return value of BIO_new() to avoid NULL pointer dereference.

    Fixes: 0cd9dd703e ("Improve base64 BIO correctness and error reporting")
    Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>

    Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
    MergeDate: Mon Jan 12 18:42:15 2026
    (Merged from https://github.com/openssl/openssl/pull/27993)

diff --git a/test/bio_base64_test.c b/test/bio_base64_test.c
index 62f11c3b24..733bfa1b7d 100644
--- a/test/bio_base64_test.c
+++ b/test/bio_base64_test.c
@@ -182,12 +182,12 @@ static int genb64(char *prefix, char *suffix, unsigned const char *buf,

 static int test_bio_base64_run(test_case *t, int llen, int wscnt)
 {
-    unsigned char *raw;
-    unsigned char *out;
+    unsigned char *raw = NULL;
+    unsigned char *out = NULL;
     unsigned out_len;
     char *encoded = NULL;
     int elen;
-    BIO *bio, *b64;
+    BIO *bio = NULL, *b64 = NULL;
     int n, n1, n2;
     int ret;

@@ -208,19 +208,17 @@ static int test_bio_base64_run(test_case *t, int llen, int wscnt)
     out_len = t->bytes + 1024;
     out = OPENSSL_malloc(out_len);
     if (out == NULL) {
-        OPENSSL_free(raw);
         TEST_error("out of memory");
-        return -1;
+        ret = -1;
+        goto end;
     }

     elen = genb64(t->prefix, t->suffix, raw, t->bytes, t->trunc, t->encoded,
         llen, wscnt, &encoded);
     if (elen < 0 || (bio = BIO_new(BIO_s_mem())) == NULL) {
-        OPENSSL_free(raw);
-        OPENSSL_free(out);
-        OPENSSL_free(encoded);
         TEST_error("out of memory");
-        return -1;
+        ret = -1;
+        goto end;
     }
     if (t->retry)
         BIO_set_mem_eof_return(bio, EOF_RETURN);
@@ -238,7 +236,10 @@ static int test_bio_base64_run(test_case *t, int llen, int wscnt)
     if (n1 > 0)
         BIO_write(bio, encoded, n1);

-    b64 = BIO_new(BIO_f_base64());
+    if (!TEST_ptr(b64 = BIO_new(BIO_f_base64()))) {
+        ret = -1;
+        goto end;
+    }
     if (t->no_nl)
         BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
     BIO_push(b64, bio);
@@ -296,11 +297,12 @@ static int test_bio_base64_run(test_case *t, int llen, int wscnt)
         ret = -1;
     }

-    BIO_free_all(b64);
-    OPENSSL_free(out);
+end:
+    BIO_free(bio);
+    BIO_free(b64);
     OPENSSL_free(raw);
+    OPENSSL_free(out);
     OPENSSL_free(encoded);
-
     return ret;
 }