diff options
| author | tb <> | 2021-12-24 02:23:44 +0000 |
|---|---|---|
| committer | tb <> | 2021-12-24 02:23:44 +0000 |
| commit | 590db753358a3347436824299d28c2b7b7f2df2b (patch) | |
| tree | 6994feba36513ddf8aa23e6b732bc55a5f2252c9 | |
| parent | f6b9783166889555c3d695e152b467a092859b8c (diff) | |
| download | openbsd-590db753358a3347436824299d28c2b7b7f2df2b.tar.gz openbsd-590db753358a3347436824299d28c2b7b7f2df2b.tar.bz2 openbsd-590db753358a3347436824299d28c2b7b7f2df2b.zip | |
Turn asserts in ASIdentifierChoice_canonize() into error checks
The first assert ensures that a stack that was just sorted in a stronger
sense is sorted in a weak sense and the second assert ensures that
the result of the canonization procedure is canonical. All callers check
for error, so these asserts don't do anything useful.
ok jsing
| -rw-r--r-- | src/lib/libcrypto/x509/x509_asid.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/lib/libcrypto/x509/x509_asid.c b/src/lib/libcrypto/x509/x509_asid.c index 5eeb5953d3..bf51c9bb2a 100644 --- a/src/lib/libcrypto/x509/x509_asid.c +++ b/src/lib/libcrypto/x509/x509_asid.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_asid.c,v 1.25 2021/12/24 02:22:16 tb Exp $ */ | 1 | /* $OpenBSD: x509_asid.c,v 1.26 2021/12/24 02:23:44 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Contributed to the OpenSSL Project by the American Registry for | 3 | * Contributed to the OpenSSL Project by the American Registry for |
| 4 | * Internet Numbers ("ARIN"). | 4 | * Internet Numbers ("ARIN"). |
| @@ -649,7 +649,8 @@ ASIdentifierChoice_canonize(ASIdentifierChoice *choice) | |||
| 649 | /* | 649 | /* |
| 650 | * Make sure we're properly sorted (paranoia). | 650 | * Make sure we're properly sorted (paranoia). |
| 651 | */ | 651 | */ |
| 652 | OPENSSL_assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0); | 652 | if (ASN1_INTEGER_cmp(a_min, b_min) > 0) |
| 653 | goto done; | ||
| 653 | 654 | ||
| 654 | /* | 655 | /* |
| 655 | * Punt inverted ranges. | 656 | * Punt inverted ranges. |
| @@ -736,7 +737,8 @@ ASIdentifierChoice_canonize(ASIdentifierChoice *choice) | |||
| 736 | } | 737 | } |
| 737 | 738 | ||
| 738 | /* Paranoia */ | 739 | /* Paranoia */ |
| 739 | OPENSSL_assert(ASIdentifierChoice_is_canonical(choice)); | 740 | if (!ASIdentifierChoice_is_canonical(choice)) |
| 741 | goto done; | ||
| 740 | 742 | ||
| 741 | ret = 1; | 743 | ret = 1; |
| 742 | 744 | ||