diff --git a/openssl-dynamic/src/main/c/cert_compress.c b/openssl-dynamic/src/main/c/cert_compress.c index e14fe976..833889ec 100644 --- a/openssl-dynamic/src/main/c/cert_compress.c +++ b/openssl-dynamic/src/main/c/cert_compress.c @@ -54,6 +54,9 @@ static int compress(jobject compression_algorithm, jmethodID compress_method, SS return 0; // Unable to reserve space for compressed data } jbyte* resultData = (*e)->GetByteArrayElements(e, resultArray, NULL); + if (resultData == NULL) { + return 0; + } memcpy(outData, resultData, resultLen); (*e)->ReleaseByteArrayElements(e, resultArray, resultData, JNI_ABORT); if (!CBB_did_write(out, resultLen)) { @@ -102,6 +105,9 @@ static int decompress(jobject compression_algorithm, jmethodID decompress_method return 0; // Unable to allocate certificate decompression buffer } jbyte* resultData = (*e)->GetByteArrayElements(e, resultArray, NULL); + if (resultData == NULL) { + return 0; + } memcpy(outData, resultData, uncompressed_len); (*e)->ReleaseByteArrayElements(e, resultArray, resultData, JNI_ABORT); return 1; // Success diff --git a/openssl-dynamic/src/main/c/ssl.c b/openssl-dynamic/src/main/c/ssl.c index 12770473..eec69a0a 100644 --- a/openssl-dynamic/src/main/c/ssl.c +++ b/openssl-dynamic/src/main/c/ssl.c @@ -1849,7 +1849,6 @@ TCN_IMPLEMENT_CALL(jbyteArray, SSL, getSessionId)(TCN_STDARGS, jlong ssl) return NULL; } - if ((bArray = (*e)->NewByteArray(e, len)) == NULL) { return NULL; } diff --git a/openssl-dynamic/src/main/c/sslcontext.c b/openssl-dynamic/src/main/c/sslcontext.c index fbf0984f..5a107708 100644 --- a/openssl-dynamic/src/main/c/sslcontext.c +++ b/openssl-dynamic/src/main/c/sslcontext.c @@ -1363,7 +1363,11 @@ TCN_IMPLEMENT_CALL(void, SSLContext, setSessionTicketKeys0)(TCN_STDARGS, jlong c return; } - b = (*e)->GetByteArrayElements(e, keys, NULL); + if ((b = (*e)->GetByteArrayElements(e, keys, NULL)) == NULL) { + tcn_ThrowException(e, "GetByteArrayElements() returned null"); + return; + } + for (i = 0; i < cnt; ++i) { key = b + (SSL_SESSION_TICKET_KEY_SIZE * i); memcpy(ticket_keys[i].key_name, key, 16); @@ -1495,7 +1499,7 @@ static jbyteArray get_certs(JNIEnv *e, SSL* ssl, STACK_OF(X509)* chain) { length = i2d_X509(cert, &buf); #endif // OPENSSL_IS_BORINGSSL - if (length <= 0 || (bArray = (*e)->NewByteArray(e, length)) == NULL ) { + if (length <= 0 || (bArray = (*e)->NewByteArray(e, length)) == NULL) { NETTY_JNI_UTIL_DELETE_LOCAL(e, array); array = NULL; goto complete; @@ -2173,7 +2177,11 @@ static enum ssl_private_key_result_t tcn_private_key_sign_java(SSL *ssl, uint8_t } else { arrayLen = (*e)->GetArrayLength(e, resultBytes); if (max_out >= arrayLen) { - b = (*e)->GetByteArrayElements(e, resultBytes, NULL); + if ((b = (*e)->GetByteArrayElements(e, resultBytes, NULL)) == NULL) { + ret = ssl_private_key_failure; + goto complete; + } + memcpy(out, b, arrayLen); (*e)->ReleaseByteArrayElements(e, resultBytes, b, JNI_ABORT); *out_len = arrayLen; @@ -2238,7 +2246,11 @@ static enum ssl_private_key_result_t tcn_private_key_decrypt_java(SSL *ssl, uint } else { arrayLen = (*e)->GetArrayLength(e, resultBytes); if (max_out >= arrayLen) { - b = (*e)->GetByteArrayElements(e, resultBytes, NULL); + if ((b = (*e)->GetByteArrayElements(e, resultBytes, NULL)) == NULL) { + ret = ssl_private_key_failure; + goto complete; + } + memcpy(out, b, arrayLen); (*e)->ReleaseByteArrayElements(e, resultBytes, b, JNI_ABORT); *out_len = arrayLen; @@ -2300,7 +2312,9 @@ static enum ssl_private_key_result_t tcn_private_key_complete_java(SSL *ssl, uin // belong to us. return ssl_private_key_failure; } - b = (*e)->GetByteArrayElements(e, resultBytes, NULL); + if ((b = (*e)->GetByteArrayElements(e, resultBytes, NULL)) == NULL) { + return ssl_private_key_failure; + } memcpy(out, b, arrayLen); (*e)->ReleaseByteArrayElements(e, resultBytes, b, JNI_ABORT); *out_len = arrayLen;