Set error if we are given an NULL ctx in x509_verify, and set error

to X509_V_ERR_OUT_OF_MEM instead of UNSPECIFIED in chain_append when allocation fails. noticed by ingo@ ok tb@
author: beck <> 2020-09-14 12:33:51 +0000
committer: beck <> 2020-09-14 12:33:51 +0000
commit: 0d65d2118b0232bebdc91dae5db25ff9bceb06c1 (patch)
tree: 1309eec59d1a784adaedba6a6198066d25f765b3 /src/lib
parent: caa40998e3f59bd98e6c4fdba3b65b2348296f74 (diff)
download: openbsd-0d65d2118b0232bebdc91dae5db25ff9bceb06c1.tar.gz
openbsd-0d65d2118b0232bebdc91dae5db25ff9bceb06c1.tar.bz2
openbsd-0d65d2118b0232bebdc91dae5db25ff9bceb06c1.zip
1 files changed, 3 insertions, 5 deletions
diff --git a/src/lib/libcrypto/x509/x509_verify.c b/src/lib/libcrypto/x509/x509_verify.c
index 80af892d8a..431f5ab1bc 100644
--- a/src/lib/libcrypto/x509/x509_verify.c
+++ b/src/lib/libcrypto/x509/x509_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_verify.c,v 1.5 2020/09/14 12:00:55 tb Exp $ */
+/* $OpenBSD: x509_verify.c,v 1.6 2020/09/14 12:33:51 beck Exp $ */
 /*
 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
 *
@@ -108,7 +108,7 @@ x509_verify_chain_append(struct x509_verify_chain *chain, X509 *cert,
        X509_up_ref(cert);
        if (!sk_X509_push(chain->certs, cert)) {
                X509_free(cert);
-                *error = X509_V_ERR_UNSPECIFIED;
+                *error = X509_V_ERR_OUT_OF_MEM;
                return 0;
        }
        return 1;
@@ -833,9 +833,7 @@ x509_verify(struct x509_verify_ctx *ctx, X509 *leaf, char *name)
 {
        struct x509_verify_chain *current_chain;
-        if (ctx == NULL)
+        if (ctx == NULL || ctx->roots == NULL || ctx->max_depth == 0) {
-                return 0;
-        if (ctx->roots == NULL || ctx->max_depth == 0) {
                ctx->error = X509_V_ERR_INVALID_CALL;
                return 0;
        }
author	beck <>	2020-09-14 12:33:51 +0000
committer	beck <>	2020-09-14 12:33:51 +0000
commit	0d65d2118b0232bebdc91dae5db25ff9bceb06c1 (patch)
tree	1309eec59d1a784adaedba6a6198066d25f765b3 /src/lib
parent	caa40998e3f59bd98e6c4fdba3b65b2348296f74 (diff)
download	openbsd-0d65d2118b0232bebdc91dae5db25ff9bceb06c1.tar.gz openbsd-0d65d2118b0232bebdc91dae5db25ff9bceb06c1.tar.bz2 openbsd-0d65d2118b0232bebdc91dae5db25ff9bceb06c1.zip