Add error checking to i2v_AUTHORITY_KEYID(), i2v_GENERAL_NAME()

and i2v_GENERAL_NAMES(). This fixes a couple of leaks and other ugliness. tweaks & ok jsing
author: tb <> 2019-04-21 16:50:34 +0000
committer: tb <> 2019-04-21 16:50:34 +0000
commit: 6cb76fe84ed5d0dde673a8aea04318d4dbcc96d9 (patch)
tree: 796d18cc54886cb2407e36d7d31d982c243ecd05 /src/lib/libcrypto/x509v3/v3_akey.c
parent: 7bbdab19e025dac2cb71c1027b0419b712f48447 (diff)
download: openbsd-6cb76fe84ed5d0dde673a8aea04318d4dbcc96d9.tar.gz
openbsd-6cb76fe84ed5d0dde673a8aea04318d4dbcc96d9.tar.bz2
openbsd-6cb76fe84ed5d0dde673a8aea04318d4dbcc96d9.zip
1 files changed, 32 insertions, 13 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_akey.c b/src/lib/libcrypto/x509v3/v3_akey.c
index 3b57fd21f7..65184b19b6 100644
--- a/src/lib/libcrypto/x509v3/v3_akey.c
+++ b/src/lib/libcrypto/x509v3/v3_akey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_akey.c,v 1.20 2019/04/21 08:07:47 tb Exp $ */
+/* $OpenBSD: v3_akey.c,v 1.21 2019/04/21 16:50:34 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -91,22 +91,41 @@ static STACK_OF(CONF_VALUE) *
 i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid,
    STACK_OF(CONF_VALUE) *extlist)
 {
-        char *tmp;
+        char *tmpstr = NULL;
-        if (akeyid->keyid) {
+        if (akeyid->keyid != NULL) {
-                tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length);
+                if ((tmpstr = hex_to_string(akeyid->keyid->data,
-                X509V3_add_value("keyid", tmp, &extlist);
+                    akeyid->keyid->length)) == NULL)
-                free(tmp);
+                        goto err;
+                if (!X509V3_add_value("keyid", tmpstr, &extlist))
+                        goto err;
+                free(tmpstr);
+                tmpstr = NULL;
        }
-        if (akeyid->issuer)
-                extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
+        if (akeyid->issuer != NULL) {
-        if (akeyid->serial) {
+                if ((extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer,
-                tmp = hex_to_string(akeyid->serial->data,
+                    extlist)) == NULL)
-                    akeyid->serial->length);
+                        goto err;
-                X509V3_add_value("serial", tmp, &extlist);
-                free(tmp);
        }
+        if (akeyid->serial != NULL) {
+                if ((tmpstr = hex_to_string(akeyid->serial->data,
+                    akeyid->serial->length)) == NULL)
+                        goto err;
+                if (!X509V3_add_value("serial", tmpstr, &extlist))
+                        goto err;
+                free(tmpstr);
+                tmpstr = NULL;
+        }
        return extlist;
+ err:
+        free(tmpstr);
+        sk_CONF_VALUE_pop_free(extlist, X509V3_conf_free);
+        return NULL;
 }
 /*
author	tb <>	2019-04-21 16:50:34 +0000
committer	tb <>	2019-04-21 16:50:34 +0000
commit	6cb76fe84ed5d0dde673a8aea04318d4dbcc96d9 (patch)
tree	796d18cc54886cb2407e36d7d31d982c243ecd05 /src/lib/libcrypto/x509v3/v3_akey.c
parent	7bbdab19e025dac2cb71c1027b0419b712f48447 (diff)
download	openbsd-6cb76fe84ed5d0dde673a8aea04318d4dbcc96d9.tar.gz openbsd-6cb76fe84ed5d0dde673a8aea04318d4dbcc96d9.tar.bz2 openbsd-6cb76fe84ed5d0dde673a8aea04318d4dbcc96d9.zip

diff --git a/src/lib/libcrypto/x509v3/v3_akey.c b/src/lib/libcrypto/x509v3/v3_akey.c index 3b57fd21f7..65184b19b6 100644 --- a/src/lib/libcrypto/x509v3/v3_akey.c +++ b/src/lib/libcrypto/x509v3/v3_akey.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: v3_akey.c,v 1.20 2019/04/21 08:07:47 tb Exp $ */	1	/* $OpenBSD: v3_akey.c,v 1.21 2019/04/21 16:50:34 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -91,22 +91,41 @@ static STACK_OF(CONF_VALUE) *
91	i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD method, AUTHORITY_KEYID akeyid,	91	i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD method, AUTHORITY_KEYID akeyid,
92	STACK_OF(CONF_VALUE) *extlist)	92	STACK_OF(CONF_VALUE) *extlist)
93	{	93	{
94	char *tmp;	94	char *tmpstr = NULL;
95		95
96	if (akeyid->keyid) {	96	if (akeyid->keyid != NULL) {
97	tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length);	97	if ((tmpstr = hex_to_string(akeyid->keyid->data,
98	X509V3_add_value("keyid", tmp, &extlist);	98	akeyid->keyid->length)) == NULL)
99	free(tmp);	99	goto err;
		100	if (!X509V3_add_value("keyid", tmpstr, &extlist))
		101	goto err;
		102	free(tmpstr);
		103	tmpstr = NULL;
100	}	104	}
101	if (akeyid->issuer)	105
102	extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);	106	if (akeyid->issuer != NULL) {
103	if (akeyid->serial) {	107	if ((extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer,
104	tmp = hex_to_string(akeyid->serial->data,	108	extlist)) == NULL)
105	akeyid->serial->length);	109	goto err;
106	X509V3_add_value("serial", tmp, &extlist);
107	free(tmp);
108	}	110	}
		111
		112	if (akeyid->serial != NULL) {
		113	if ((tmpstr = hex_to_string(akeyid->serial->data,
		114	akeyid->serial->length)) == NULL)
		115	goto err;
		116	if (!X509V3_add_value("serial", tmpstr, &extlist))
		117	goto err;
		118	free(tmpstr);
		119	tmpstr = NULL;
		120	}
		121
109	return extlist;	122	return extlist;
		123
		124	err:
		125	free(tmpstr);
		126	sk_CONF_VALUE_pop_free(extlist, X509V3_conf_free);
		127
		128	return NULL;
110	}	129	}
111		130
112	/*	131	/*