Index: modules/ssl/mod_ssl.c =================================================================== --- modules/ssl/mod_ssl.c (revision 1896120) +++ modules/ssl/mod_ssl.c (working copy) @@ -641,9 +641,7 @@ SSL_set_verify_result(ssl, X509_V_OK); - ssl_io_filter_init(c, r, ssl); - - return APR_SUCCESS; + return ssl_io_filter_init(c, r, ssl); } static const char *ssl_hook_http_scheme(const request_rec *r) Index: modules/ssl/ssl_engine_io.c =================================================================== --- modules/ssl/ssl_engine_io.c (revision 1896120) +++ modules/ssl/ssl_engine_io.c (working copy) @@ -2276,7 +2276,7 @@ /* The request_rec pointer is passed in here only to ensure that the * filter chain is modified correctly when doing a TLS upgrade. It * must *not* be used otherwise. */ -static void ssl_io_input_add_filter(ssl_filter_ctx_t *filter_ctx, conn_rec *c, +static apr_status_t ssl_io_input_add_filter(ssl_filter_ctx_t *filter_ctx, conn_rec *c, request_rec *r, SSL *ssl) { bio_filter_in_ctx_t *inctx; @@ -2290,6 +2290,9 @@ #else filter_ctx->pbioRead = BIO_new(bio_filter_in_method); #endif + if(filter_ctx->pbioRead == NULL) { + return APR_EGENERAL; + } BIO_set_data(filter_ctx->pbioRead, (void *)inctx); inctx->ssl = ssl; @@ -2302,12 +2305,13 @@ inctx->block = APR_BLOCK_READ; inctx->pool = c->pool; inctx->filter_ctx = filter_ctx; + return APR_SUCCESS; } /* The request_rec pointer is passed in here only to ensure that the * filter chain is modified correctly when doing a TLS upgrade. It * must *not* be used otherwise. */ -void ssl_io_filter_init(conn_rec *c, request_rec *r, SSL *ssl) +apr_status_t ssl_io_filter_init(conn_rec *c, request_rec *r, SSL *ssl) { ssl_filter_ctx_t *filter_ctx; @@ -2325,6 +2329,9 @@ #else filter_ctx->pbioWrite = BIO_new(bio_filter_out_method); #endif + if(filter_ctx->pbioWrite == NULL) { + return APR_EGENERAL; + } BIO_set_data(filter_ctx->pbioWrite, (void *)bio_filter_out_ctx_new(filter_ctx, c)); /* write is non blocking for the benefit of async mpm */ @@ -2334,7 +2341,9 @@ "Enabling non-blocking writes"); } - ssl_io_input_add_filter(filter_ctx, c, r, ssl); + if(ssl_io_input_add_filter(filter_ctx, c, r, ssl) != APR_SUCCESS) { + return APR_EGENERAL; + } SSL_set_bio(ssl, filter_ctx->pbioRead, filter_ctx->pbioWrite); filter_ctx->pssl = ssl; @@ -2353,7 +2362,7 @@ } } - return; + return APR_SUCCESS; } void ssl_io_filter_register(apr_pool_t *p) Index: modules/ssl/ssl_engine_vars.c =================================================================== --- modules/ssl/ssl_engine_vars.c (revision 1896120) +++ modules/ssl/ssl_engine_vars.c (working copy) @@ -1157,6 +1157,11 @@ if (OBJ_cmp(X509_EXTENSION_get_object(ext), oid) == 0) { BIO *bio = BIO_new(BIO_s_mem()); + if(bio == NULL) { + X509_free(xs); + ASN1_OBJECT_free(oid); + return NULL; + } /* We want to obtain a string representation of the extensions * value and add it to the array we're building. Index: modules/ssl/ssl_private.h =================================================================== --- modules/ssl/ssl_private.h (revision 1896120) +++ modules/ssl/ssl_private.h (working copy) @@ -1010,7 +1010,7 @@ #endif /** I/O */ -void ssl_io_filter_init(conn_rec *, request_rec *r, SSL *); +apr_status_t ssl_io_filter_init(conn_rec *, request_rec *r, SSL *); void ssl_io_filter_register(apr_pool_t *); long ssl_io_data_cb(BIO *, int, const char *, int, long, long); Index: modules/ssl/ssl_util_ocsp.c =================================================================== --- modules/ssl/ssl_util_ocsp.c (revision 1896120) +++ modules/ssl/ssl_util_ocsp.c (working copy) @@ -36,6 +36,9 @@ len = i2d_OCSP_REQUEST(req, NULL); bio = BIO_new(BIO_s_mem()); + if(bio == NULL) { + return NULL; + } BIO_printf(bio, "POST "); /* Use full URL instead of URI in case of a request through a proxy */