diff options
| author | miod <> | 2014-10-05 18:27:33 +0000 |
|---|---|---|
| committer | miod <> | 2014-10-05 18:27:33 +0000 |
| commit | 42a741a65e301a9622dd0b6fcad1bab9824ef259 (patch) | |
| tree | ede0e3e999fe2872ab379d9fde37f8a422ca34a1 /src/lib/libc | |
| parent | 3e5593540c7030668e1be1a37e07e0e4ef995b1a (diff) | |
| download | openbsd-42a741a65e301a9622dd0b6fcad1bab9824ef259.tar.gz openbsd-42a741a65e301a9622dd0b6fcad1bab9824ef259.tar.bz2 openbsd-42a741a65e301a9622dd0b6fcad1bab9824ef259.zip | |
Be sure to check object allocation for success before using them.
Tweaks and ok guenther@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/x509v3/v3_cpols.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_cpols.c b/src/lib/libcrypto/x509v3/v3_cpols.c index 51d02abd22..d683db697e 100644 --- a/src/lib/libcrypto/x509v3/v3_cpols.c +++ b/src/lib/libcrypto/x509v3/v3_cpols.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: v3_cpols.c,v 1.15 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: v3_cpols.c,v 1.16 2014/10/05 18:27:33 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| @@ -160,7 +160,7 @@ STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | |||
| 160 | ia5org = 0; | 160 | ia5org = 0; |
| 161 | for (i = 0; i < sk_CONF_VALUE_num(vals); i++) { | 161 | for (i = 0; i < sk_CONF_VALUE_num(vals); i++) { |
| 162 | cnf = sk_CONF_VALUE_value(vals, i); | 162 | cnf = sk_CONF_VALUE_value(vals, i); |
| 163 | if (cnf->value || !cnf->name ) { | 163 | if (cnf->value || !cnf->name) { |
| 164 | X509V3err(X509V3_F_R2I_CERTPOL, | 164 | X509V3err(X509V3_F_R2I_CERTPOL, |
| 165 | X509V3_R_INVALID_POLICY_IDENTIFIER); | 165 | X509V3_R_INVALID_POLICY_IDENTIFIER); |
| 166 | X509V3_conf_err(cnf); | 166 | X509V3_conf_err(cnf); |
| @@ -304,7 +304,11 @@ notice_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *unot, int ia5org) | |||
| 304 | for (i = 0; i < sk_CONF_VALUE_num(unot); i++) { | 304 | for (i = 0; i < sk_CONF_VALUE_num(unot); i++) { |
| 305 | cnf = sk_CONF_VALUE_value(unot, i); | 305 | cnf = sk_CONF_VALUE_value(unot, i); |
| 306 | if (!strcmp(cnf->name, "explicitText")) { | 306 | if (!strcmp(cnf->name, "explicitText")) { |
| 307 | not->exptext = M_ASN1_VISIBLESTRING_new(); | 307 | if (not->exptext == NULL) { |
| 308 | not->exptext = M_ASN1_VISIBLESTRING_new(); | ||
| 309 | if (not->exptext == NULL) | ||
| 310 | goto merr; | ||
| 311 | } | ||
| 308 | if (!ASN1_STRING_set(not->exptext, cnf->value, | 312 | if (!ASN1_STRING_set(not->exptext, cnf->value, |
| 309 | strlen(cnf->value))) | 313 | strlen(cnf->value))) |
| 310 | goto merr; | 314 | goto merr; |
| @@ -330,8 +334,9 @@ notice_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *unot, int ia5org) | |||
| 330 | if (!(nref = NOTICEREF_new())) | 334 | if (!(nref = NOTICEREF_new())) |
| 331 | goto merr; | 335 | goto merr; |
| 332 | not->noticeref = nref; | 336 | not->noticeref = nref; |
| 333 | } else nref = not->noticeref; | 337 | } else |
| 334 | nos = X509V3_parse_list(cnf->value); | 338 | nref = not->noticeref; |
| 339 | nos = X509V3_parse_list(cnf->value); | ||
| 335 | if (!nos || !sk_CONF_VALUE_num(nos)) { | 340 | if (!nos || !sk_CONF_VALUE_num(nos)) { |
| 336 | X509V3err(X509V3_F_NOTICE_SECTION, | 341 | X509V3err(X509V3_F_NOTICE_SECTION, |
| 337 | X509V3_R_INVALID_NUMBERS); | 342 | X509V3_R_INVALID_NUMBERS); |