From e2017772c70328994233446a2089147de225c982 Mon Sep 17 00:00:00 2001
From: icy17 <1061499390@qq.com>
Date: Thu, 1 Aug 2024 15:43:34 +0800
Subject: [PATCH] Fix potential NULL pointer dereference

---
 src/Mayaqua/Encrypt.c | 10 ++++++++++
 src/Mayaqua/Network.c | 12 ++++++++++++
 2 files changed, 22 insertions(+)

diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c
index b30c9d10..f473b01d 100644
--- a/src/Mayaqua/Encrypt.c
+++ b/src/Mayaqua/Encrypt.c
@@ -351,6 +351,11 @@ MD *NewMdEx(char *name, bool hmac)
 #else
 		m->Ctx = EVP_MD_CTX_create();
 #endif
+		if (m->Ctx == NULL)
+		{
+			return NULL;
+		}
+
 		if (EVP_DigestInit_ex(m->Ctx, m->Md, NULL) == false)
 		{
 			Debug("NewMdEx(): EVP_DigestInit_ex() failed with error: %s\n", OpenSSL_Error());
@@ -4604,6 +4609,11 @@ DH_CTX *DhNew(char *prime, UINT g)
 	dh = ZeroMalloc(sizeof(DH_CTX));
 
 	dh->dh = DH_new();
+	if (dh->dh == NULL)
+	{
+		return NULL;
+	}
+	
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 	dhp = BinToBigNum(buf->Buf, buf->Size);
 	dhg = BN_new();
diff --git a/src/Mayaqua/Network.c b/src/Mayaqua/Network.c
index 6b53ecfb..990ced79 100644
--- a/src/Mayaqua/Network.c
+++ b/src/Mayaqua/Network.c
@@ -11860,6 +11860,12 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
 #endif
 
 		sock->ssl = SSL_new(ssl_ctx);
+
+		if (sock->ssl == NULL)
+		{
+			return false;
+		}
+
 		SSL_set_fd(sock->ssl, (int)sock->socket);
 
 #ifdef	SSL_CTRL_SET_TLSEXT_HOSTNAME
@@ -16250,6 +16256,12 @@ UINT GetOSSecurityLevel()
 	UINT security_level_new = 0, security_level_set_ssl_version = 0;
 	struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());
 
+	if (ctx == NULL)
+	{
+		return security_level_new;
+	}
+
+
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 	security_level_new = SSL_CTX_get_security_level(ctx);
 #endif