summaryrefslogtreecommitdiff
path: root/src/lib/libc
diff options
context:
space:
mode:
authormiod <>2014-10-05 18:30:13 +0000
committermiod <>2014-10-05 18:30:13 +0000
commita9b18c67c3d4198063412bac24c16c2ca15fb5e8 (patch)
tree3bc392d1091170365714fec0809ccec636d93c1f /src/lib/libc
parent93cb8deb7a0d83b747a3ac064b06282577c7eed5 (diff)
downloadopenbsd-a9b18c67c3d4198063412bac24c16c2ca15fb5e8.tar.gz
openbsd-a9b18c67c3d4198063412bac24c16c2ca15fb5e8.tar.bz2
openbsd-a9b18c67c3d4198063412bac24c16c2ca15fb5e8.zip
Be sure to check the stack push operation for success in v2i_POLICY_MAPPINGS();
if it fails, free the object we were about to push. Factor error handling to avoid having four copies of about the same code. ok guenther@
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/x509v3/v3_pmaps.c36
1 files changed, 19 insertions, 17 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_pmaps.c b/src/lib/libcrypto/x509v3/v3_pmaps.c
index 9b09518b5d..073d03973c 100644
--- a/src/lib/libcrypto/x509v3/v3_pmaps.c
+++ b/src/lib/libcrypto/x509v3/v3_pmaps.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_pmaps.c,v 1.4 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: v3_pmaps.c,v 1.5 2014/10/05 18:30:13 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -119,7 +119,7 @@ v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
119 POLICY_MAPPING *pmap; 119 POLICY_MAPPING *pmap;
120 ASN1_OBJECT *obj1, *obj2; 120 ASN1_OBJECT *obj1, *obj2;
121 CONF_VALUE *val; 121 CONF_VALUE *val;
122 int i; 122 int i, rc;
123 123
124 if (!(pmaps = sk_POLICY_MAPPING_new_null())) { 124 if (!(pmaps = sk_POLICY_MAPPING_new_null())) {
125 X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); 125 X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE);
@@ -129,31 +129,33 @@ v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
129 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { 129 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
130 val = sk_CONF_VALUE_value(nval, i); 130 val = sk_CONF_VALUE_value(nval, i);
131 if (!val->value || !val->name) { 131 if (!val->value || !val->name) {
132 sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); 132 rc = X509V3_R_INVALID_OBJECT_IDENTIFIER;
133 X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, 133 goto err;
134 X509V3_R_INVALID_OBJECT_IDENTIFIER);
135 X509V3_conf_err(val);
136 return NULL;
137 } 134 }
138 obj1 = OBJ_txt2obj(val->name, 0); 135 obj1 = OBJ_txt2obj(val->name, 0);
139 obj2 = OBJ_txt2obj(val->value, 0); 136 obj2 = OBJ_txt2obj(val->value, 0);
140 if (!obj1 || !obj2) { 137 if (!obj1 || !obj2) {
141 sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); 138 rc = X509V3_R_INVALID_OBJECT_IDENTIFIER;
142 X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, 139 goto err;
143 X509V3_R_INVALID_OBJECT_IDENTIFIER);
144 X509V3_conf_err(val);
145 return NULL;
146 } 140 }
147 pmap = POLICY_MAPPING_new(); 141 pmap = POLICY_MAPPING_new();
148 if (!pmap) { 142 if (!pmap) {
149 sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); 143 rc = ERR_R_MALLOC_FAILURE;
150 X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, 144 goto err;
151 ERR_R_MALLOC_FAILURE);
152 return NULL;
153 } 145 }
154 pmap->issuerDomainPolicy = obj1; 146 pmap->issuerDomainPolicy = obj1;
155 pmap->subjectDomainPolicy = obj2; 147 pmap->subjectDomainPolicy = obj2;
156 sk_POLICY_MAPPING_push(pmaps, pmap); 148 if (sk_POLICY_MAPPING_push(pmaps, pmap) == 0) {
149 rc = ERR_R_MALLOC_FAILURE;
150 goto err;
151 }
157 } 152 }
158 return pmaps; 153 return pmaps;
154
155err:
156 sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
157 X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, rc);
158 if (rc == X509V3_R_INVALID_OBJECT_IDENTIFIER)
159 X509V3_conf_err(val);
160 return NULL;
159} 161}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-31 04:02:10 +0000