diff options
| author | tedu <> | 2014-06-19 21:24:35 +0000 |
|---|---|---|
| committer | tedu <> | 2014-06-19 21:24:35 +0000 |
| commit | 41e038d2e8f6a205e6aa50aa0e910df4ff76ec9e (patch) | |
| tree | ebdc1933afa8bbfc5b54c183755c317232418328 | |
| parent | a53e20a6c040532f3fcfd5a73b1b493e8f09163a (diff) | |
| download | openbsd-41e038d2e8f6a205e6aa50aa0e910df4ff76ec9e.tar.gz openbsd-41e038d2e8f6a205e6aa50aa0e910df4ff76ec9e.tar.bz2 openbsd-41e038d2e8f6a205e6aa50aa0e910df4ff76ec9e.zip | |
check stack push return and make some effort to clean up. ok beck miod
| -rw-r--r-- | src/lib/libcrypto/x509/x509_vfy.c | 8 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/x509/x509_vfy.c | 8 |
2 files changed, 12 insertions, 4 deletions
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c index eac2e99fd1..4a485fc484 100644 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ b/src/lib/libcrypto/x509/x509_vfy.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_vfy.c,v 1.27 2014/06/12 15:49:31 deraadt Exp $ */ | 1 | /* $OpenBSD: x509_vfy.c,v 1.28 2014/06/19 21:24:35 tedu Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -313,7 +313,11 @@ X509_verify_cert(X509_STORE_CTX *ctx) | |||
| 313 | ctx->current_cert = x; | 313 | ctx->current_cert = x; |
| 314 | } else { | 314 | } else { |
| 315 | 315 | ||
| 316 | sk_X509_push(ctx->chain, chain_ss); | 316 | if (!sk_X509_push(ctx->chain, chain_ss)) { |
| 317 | X509_free(chain_ss); | ||
| 318 | X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE); | ||
| 319 | return 0; | ||
| 320 | } | ||
| 317 | num++; | 321 | num++; |
| 318 | ctx->last_untrusted = num; | 322 | ctx->last_untrusted = num; |
| 319 | ctx->current_cert = chain_ss; | 323 | ctx->current_cert = chain_ss; |
diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.c b/src/lib/libssl/src/crypto/x509/x509_vfy.c index eac2e99fd1..4a485fc484 100644 --- a/src/lib/libssl/src/crypto/x509/x509_vfy.c +++ b/src/lib/libssl/src/crypto/x509/x509_vfy.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_vfy.c,v 1.27 2014/06/12 15:49:31 deraadt Exp $ */ | 1 | /* $OpenBSD: x509_vfy.c,v 1.28 2014/06/19 21:24:35 tedu Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -313,7 +313,11 @@ X509_verify_cert(X509_STORE_CTX *ctx) | |||
| 313 | ctx->current_cert = x; | 313 | ctx->current_cert = x; |
| 314 | } else { | 314 | } else { |
| 315 | 315 | ||
| 316 | sk_X509_push(ctx->chain, chain_ss); | 316 | if (!sk_X509_push(ctx->chain, chain_ss)) { |
| 317 | X509_free(chain_ss); | ||
| 318 | X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE); | ||
| 319 | return 0; | ||
| 320 | } | ||
| 317 | num++; | 321 | num++; |
| 318 | ctx->last_untrusted = num; | 322 | ctx->last_untrusted = num; |
| 319 | ctx->current_cert = chain_ss; | 323 | ctx->current_cert = chain_ss; |