diff options
| author | tb <> | 2022-05-20 08:04:21 +0000 |
|---|---|---|
| committer | tb <> | 2022-05-20 08:04:21 +0000 |
| commit | 67bb646896f08acaba8144b14de087416bb959ec (patch) | |
| tree | 3b28a63d505365a1c7796a202e9684a24fdf55ca | |
| parent | 3f2d19fd2eff02b5cd51e6c5c791d08a774f5320 (diff) | |
| download | openbsd-67bb646896f08acaba8144b14de087416bb959ec.tar.gz openbsd-67bb646896f08acaba8144b14de087416bb959ec.tar.bz2 openbsd-67bb646896f08acaba8144b14de087416bb959ec.zip | |
Drop *out == NULL check in ASN1_STRING_to_UTF8()
Unfortunately, several things in the ecosystem depend on the existing
API behavior of being able to pass in an uninitialized pointer on the
stack: haproxy, grpc, mongo-tools and others show up on the first two
pages of Debian codesearch.
ok jsing
| -rw-r--r-- | src/lib/libcrypto/asn1/a_string.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/lib/libcrypto/asn1/a_string.c b/src/lib/libcrypto/asn1/a_string.c index 411c9bc909..ef36f50c0d 100644 --- a/src/lib/libcrypto/asn1/a_string.c +++ b/src/lib/libcrypto/asn1/a_string.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: a_string.c,v 1.10 2022/05/16 20:51:26 tb Exp $ */ | 1 | /* $OpenBSD: a_string.c,v 1.11 2022/05/20 08:04:21 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -280,7 +280,11 @@ ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in) | |||
| 280 | int mbflag; | 280 | int mbflag; |
| 281 | int ret = -1; | 281 | int ret = -1; |
| 282 | 282 | ||
| 283 | if (out == NULL || *out != NULL) | 283 | /* |
| 284 | * XXX We can't fail on *out != NULL here since things like haproxy and | ||
| 285 | * grpc pass in a pointer to an uninitialized pointer on the stack. | ||
| 286 | */ | ||
| 287 | if (out == NULL) | ||
| 284 | goto err; | 288 | goto err; |
| 285 | 289 | ||
| 286 | if (in == NULL) | 290 | if (in == NULL) |