diff options
| author | jsing <> | 2022-09-03 19:11:45 +0000 |
|---|---|---|
| committer | jsing <> | 2022-09-03 19:11:45 +0000 |
| commit | 5399328ca4a094e245816151319f788ee5adeacf (patch) | |
| tree | 964ec5d52226ea61bfeccf9e2266edfb0990dd00 | |
| parent | 99faf42e8bb466f6374ae553a89d7703e22bf59f (diff) | |
| download | openbsd-5399328ca4a094e245816151319f788ee5adeacf.tar.gz openbsd-5399328ca4a094e245816151319f788ee5adeacf.tar.bz2 openbsd-5399328ca4a094e245816151319f788ee5adeacf.zip | |
Avoid recycling ASN1_STRINGs when decoding ASN.1.
Rather than recycling an existing ASN1_STRING and changing its type, free
it and allocate a replacement. This simplifies the code and potentially
avoids bugs resulting from reuse.
ok tb@
| -rw-r--r-- | src/lib/libcrypto/asn1/tasn_dec.c | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c index 457f526e71..f89d8e1c24 100644 --- a/src/lib/libcrypto/asn1/tasn_dec.c +++ b/src/lib/libcrypto/asn1/tasn_dec.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tasn_dec.c,v 1.80 2022/09/03 18:52:18 jsing Exp $ */ | 1 | /* $OpenBSD: tasn_dec.c,v 1.81 2022/09/03 19:11:45 jsing Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -276,7 +276,7 @@ asn1_find_end(CBS *cbs, size_t length, int indefinite) | |||
| 276 | static int | 276 | static int |
| 277 | asn1_c2i_primitive(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) | 277 | asn1_c2i_primitive(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) |
| 278 | { | 278 | { |
| 279 | ASN1_STRING *stmp; | 279 | ASN1_STRING *astr; |
| 280 | ASN1_BOOLEAN *tbool; | 280 | ASN1_BOOLEAN *tbool; |
| 281 | uint8_t u8val; | 281 | uint8_t u8val; |
| 282 | int ret = 0; | 282 | int ret = 0; |
| @@ -361,21 +361,19 @@ asn1_c2i_primitive(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM * | |||
| 361 | } | 361 | } |
| 362 | } | 362 | } |
| 363 | /* All based on ASN1_STRING and handled the same way. */ | 363 | /* All based on ASN1_STRING and handled the same way. */ |
| 364 | if (*pval == NULL) { | 364 | if (*pval != NULL) { |
| 365 | if ((stmp = ASN1_STRING_type_new(utype)) == NULL) { | 365 | ASN1_STRING_free((ASN1_STRING *)*pval); |
| 366 | ASN1error(ERR_R_MALLOC_FAILURE); | ||
| 367 | goto err; | ||
| 368 | } | ||
| 369 | *pval = (ASN1_VALUE *)stmp; | ||
| 370 | } else { | ||
| 371 | stmp = (ASN1_STRING *)*pval; | ||
| 372 | stmp->type = utype; | ||
| 373 | } | ||
| 374 | if (!ASN1_STRING_set(stmp, CBS_data(content), CBS_len(content))) { | ||
| 375 | ASN1_STRING_free(stmp); | ||
| 376 | *pval = NULL; | 366 | *pval = NULL; |
| 367 | } | ||
| 368 | if ((astr = ASN1_STRING_type_new(utype)) == NULL) { | ||
| 369 | ASN1error(ERR_R_MALLOC_FAILURE); | ||
| 370 | goto err; | ||
| 371 | } | ||
| 372 | if (!ASN1_STRING_set(astr, CBS_data(content), CBS_len(content))) { | ||
| 373 | ASN1_STRING_free(astr); | ||
| 377 | goto err; | 374 | goto err; |
| 378 | } | 375 | } |
| 376 | *pval = (ASN1_VALUE *)astr; | ||
| 379 | break; | 377 | break; |
| 380 | } | 378 | } |
| 381 | 379 | ||