diff options
| author | tb <> | 2026-04-24 15:10:20 +0000 |
|---|---|---|
| committer | tb <> | 2026-04-24 15:10:20 +0000 |
| commit | 425087a13e903f70b7f86dc6cbfd0893fb2ef79a (patch) | |
| tree | 8cad1ffa45a4bd5c9d151942535b0dd64fa59585 /src/lib/libcrypto | |
| parent | 663fcbae236d58cdbdb79f281892e6bbaaeae55d (diff) | |
| download | openbsd-425087a13e903f70b7f86dc6cbfd0893fb2ef79a.tar.gz openbsd-425087a13e903f70b7f86dc6cbfd0893fb2ef79a.tar.bz2 openbsd-425087a13e903f70b7f86dc6cbfd0893fb2ef79a.zip | |
Simplify PKCS7_get_issuer_and_serial()
The i variable is unused. Likewise for the first assignment to ri.
Instead of an incomplete check that idx is in range, which still
results in a NULL deref if idx < 0, check if ri is not NULL before
accessing, as sk_value() checks the index correctly.
ok jsing kenjiro
Diffstat (limited to 'src/lib/libcrypto')
| -rw-r--r-- | src/lib/libcrypto/pkcs7/pk7_doit.c | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c index e39d960780..2e0b0a4f2a 100644 --- a/src/lib/libcrypto/pkcs7/pk7_doit.c +++ b/src/lib/libcrypto/pkcs7/pk7_doit.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pk7_doit.c,v 1.61 2025/07/27 07:06:41 tb Exp $ */ | 1 | /* $OpenBSD: pk7_doit.c,v 1.62 2026/04/24 15:10:20 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1101,20 +1101,17 @@ PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx) | |||
| 1101 | { | 1101 | { |
| 1102 | STACK_OF(PKCS7_RECIP_INFO) *rsk; | 1102 | STACK_OF(PKCS7_RECIP_INFO) *rsk; |
| 1103 | PKCS7_RECIP_INFO *ri; | 1103 | PKCS7_RECIP_INFO *ri; |
| 1104 | int i; | ||
| 1105 | 1104 | ||
| 1106 | i = OBJ_obj2nid(p7->type); | 1105 | if (OBJ_obj2nid(p7->type) != NID_pkcs7_signedAndEnveloped) |
| 1107 | if (i != NID_pkcs7_signedAndEnveloped) | ||
| 1108 | return NULL; | 1106 | return NULL; |
| 1107 | |||
| 1109 | if (p7->d.signed_and_enveloped == NULL) | 1108 | if (p7->d.signed_and_enveloped == NULL) |
| 1110 | return NULL; | 1109 | return NULL; |
| 1111 | rsk = p7->d.signed_and_enveloped->recipientinfo; | 1110 | if ((rsk = p7->d.signed_and_enveloped->recipientinfo) == NULL) |
| 1112 | if (rsk == NULL) | ||
| 1113 | return NULL; | 1111 | return NULL; |
| 1114 | ri = sk_PKCS7_RECIP_INFO_value(rsk, 0); | 1112 | if ((ri = sk_PKCS7_RECIP_INFO_value(rsk, idx)) == NULL) |
| 1115 | if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) | ||
| 1116 | return NULL; | 1113 | return NULL; |
| 1117 | ri = sk_PKCS7_RECIP_INFO_value(rsk, idx); | 1114 | |
| 1118 | return ri->issuer_and_serial; | 1115 | return ri->issuer_and_serial; |
| 1119 | } | 1116 | } |
| 1120 | LCRYPTO_ALIAS(PKCS7_get_issuer_and_serial); | 1117 | LCRYPTO_ALIAS(PKCS7_get_issuer_and_serial); |