diff options
| author | miod <> | 2014-10-05 18:30:13 +0000 |
|---|---|---|
| committer | miod <> | 2014-10-05 18:30:13 +0000 |
| commit | 3a13a528b3c202483ccdd9d0a1bb30b5bb590858 (patch) | |
| tree | 3bc392d1091170365714fec0809ccec636d93c1f /src/lib | |
| parent | ae9853e9b54a00e3b8ccbbfc08073482ae270049 (diff) | |
| download | openbsd-3a13a528b3c202483ccdd9d0a1bb30b5bb590858.tar.gz openbsd-3a13a528b3c202483ccdd9d0a1bb30b5bb590858.tar.bz2 openbsd-3a13a528b3c202483ccdd9d0a1bb30b5bb590858.zip | |
Be sure to check the stack push operation for success in v2i_POLICY_MAPPINGS();
if it fails, free the object we were about to push.
Factor error handling to avoid having four copies of about the same code.
ok guenther@
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/x509v3/v3_pmaps.c | 36 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/x509v3/v3_pmaps.c | 36 |
2 files changed, 38 insertions, 34 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_pmaps.c b/src/lib/libcrypto/x509v3/v3_pmaps.c index 9b09518b5d..073d03973c 100644 --- a/src/lib/libcrypto/x509v3/v3_pmaps.c +++ b/src/lib/libcrypto/x509v3/v3_pmaps.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: v3_pmaps.c,v 1.4 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: v3_pmaps.c,v 1.5 2014/10/05 18:30:13 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -119,7 +119,7 @@ v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | |||
| 119 | POLICY_MAPPING *pmap; | 119 | POLICY_MAPPING *pmap; |
| 120 | ASN1_OBJECT *obj1, *obj2; | 120 | ASN1_OBJECT *obj1, *obj2; |
| 121 | CONF_VALUE *val; | 121 | CONF_VALUE *val; |
| 122 | int i; | 122 | int i, rc; |
| 123 | 123 | ||
| 124 | if (!(pmaps = sk_POLICY_MAPPING_new_null())) { | 124 | if (!(pmaps = sk_POLICY_MAPPING_new_null())) { |
| 125 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); | 125 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); |
| @@ -129,31 +129,33 @@ v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | |||
| 129 | for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { | 129 | for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { |
| 130 | val = sk_CONF_VALUE_value(nval, i); | 130 | val = sk_CONF_VALUE_value(nval, i); |
| 131 | if (!val->value || !val->name) { | 131 | if (!val->value || !val->name) { |
| 132 | sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); | 132 | rc = X509V3_R_INVALID_OBJECT_IDENTIFIER; |
| 133 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, | 133 | goto err; |
| 134 | X509V3_R_INVALID_OBJECT_IDENTIFIER); | ||
| 135 | X509V3_conf_err(val); | ||
| 136 | return NULL; | ||
| 137 | } | 134 | } |
| 138 | obj1 = OBJ_txt2obj(val->name, 0); | 135 | obj1 = OBJ_txt2obj(val->name, 0); |
| 139 | obj2 = OBJ_txt2obj(val->value, 0); | 136 | obj2 = OBJ_txt2obj(val->value, 0); |
| 140 | if (!obj1 || !obj2) { | 137 | if (!obj1 || !obj2) { |
| 141 | sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); | 138 | rc = X509V3_R_INVALID_OBJECT_IDENTIFIER; |
| 142 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, | 139 | goto err; |
| 143 | X509V3_R_INVALID_OBJECT_IDENTIFIER); | ||
| 144 | X509V3_conf_err(val); | ||
| 145 | return NULL; | ||
| 146 | } | 140 | } |
| 147 | pmap = POLICY_MAPPING_new(); | 141 | pmap = POLICY_MAPPING_new(); |
| 148 | if (!pmap) { | 142 | if (!pmap) { |
| 149 | sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); | 143 | rc = ERR_R_MALLOC_FAILURE; |
| 150 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, | 144 | goto err; |
| 151 | ERR_R_MALLOC_FAILURE); | ||
| 152 | return NULL; | ||
| 153 | } | 145 | } |
| 154 | pmap->issuerDomainPolicy = obj1; | 146 | pmap->issuerDomainPolicy = obj1; |
| 155 | pmap->subjectDomainPolicy = obj2; | 147 | pmap->subjectDomainPolicy = obj2; |
| 156 | sk_POLICY_MAPPING_push(pmaps, pmap); | 148 | if (sk_POLICY_MAPPING_push(pmaps, pmap) == 0) { |
| 149 | rc = ERR_R_MALLOC_FAILURE; | ||
| 150 | goto err; | ||
| 151 | } | ||
| 157 | } | 152 | } |
| 158 | return pmaps; | 153 | return pmaps; |
| 154 | |||
| 155 | err: | ||
| 156 | sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); | ||
| 157 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, rc); | ||
| 158 | if (rc == X509V3_R_INVALID_OBJECT_IDENTIFIER) | ||
| 159 | X509V3_conf_err(val); | ||
| 160 | return NULL; | ||
| 159 | } | 161 | } |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_pmaps.c b/src/lib/libssl/src/crypto/x509v3/v3_pmaps.c index 9b09518b5d..073d03973c 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_pmaps.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_pmaps.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: v3_pmaps.c,v 1.4 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: v3_pmaps.c,v 1.5 2014/10/05 18:30:13 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -119,7 +119,7 @@ v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | |||
| 119 | POLICY_MAPPING *pmap; | 119 | POLICY_MAPPING *pmap; |
| 120 | ASN1_OBJECT *obj1, *obj2; | 120 | ASN1_OBJECT *obj1, *obj2; |
| 121 | CONF_VALUE *val; | 121 | CONF_VALUE *val; |
| 122 | int i; | 122 | int i, rc; |
| 123 | 123 | ||
| 124 | if (!(pmaps = sk_POLICY_MAPPING_new_null())) { | 124 | if (!(pmaps = sk_POLICY_MAPPING_new_null())) { |
| 125 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); | 125 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); |
| @@ -129,31 +129,33 @@ v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | |||
| 129 | for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { | 129 | for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { |
| 130 | val = sk_CONF_VALUE_value(nval, i); | 130 | val = sk_CONF_VALUE_value(nval, i); |
| 131 | if (!val->value || !val->name) { | 131 | if (!val->value || !val->name) { |
| 132 | sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); | 132 | rc = X509V3_R_INVALID_OBJECT_IDENTIFIER; |
| 133 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, | 133 | goto err; |
| 134 | X509V3_R_INVALID_OBJECT_IDENTIFIER); | ||
| 135 | X509V3_conf_err(val); | ||
| 136 | return NULL; | ||
| 137 | } | 134 | } |
| 138 | obj1 = OBJ_txt2obj(val->name, 0); | 135 | obj1 = OBJ_txt2obj(val->name, 0); |
| 139 | obj2 = OBJ_txt2obj(val->value, 0); | 136 | obj2 = OBJ_txt2obj(val->value, 0); |
| 140 | if (!obj1 || !obj2) { | 137 | if (!obj1 || !obj2) { |
| 141 | sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); | 138 | rc = X509V3_R_INVALID_OBJECT_IDENTIFIER; |
| 142 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, | 139 | goto err; |
| 143 | X509V3_R_INVALID_OBJECT_IDENTIFIER); | ||
| 144 | X509V3_conf_err(val); | ||
| 145 | return NULL; | ||
| 146 | } | 140 | } |
| 147 | pmap = POLICY_MAPPING_new(); | 141 | pmap = POLICY_MAPPING_new(); |
| 148 | if (!pmap) { | 142 | if (!pmap) { |
| 149 | sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); | 143 | rc = ERR_R_MALLOC_FAILURE; |
| 150 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, | 144 | goto err; |
| 151 | ERR_R_MALLOC_FAILURE); | ||
| 152 | return NULL; | ||
| 153 | } | 145 | } |
| 154 | pmap->issuerDomainPolicy = obj1; | 146 | pmap->issuerDomainPolicy = obj1; |
| 155 | pmap->subjectDomainPolicy = obj2; | 147 | pmap->subjectDomainPolicy = obj2; |
| 156 | sk_POLICY_MAPPING_push(pmaps, pmap); | 148 | if (sk_POLICY_MAPPING_push(pmaps, pmap) == 0) { |
| 149 | rc = ERR_R_MALLOC_FAILURE; | ||
| 150 | goto err; | ||
| 151 | } | ||
| 157 | } | 152 | } |
| 158 | return pmaps; | 153 | return pmaps; |
| 154 | |||
| 155 | err: | ||
| 156 | sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); | ||
| 157 | X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, rc); | ||
| 158 | if (rc == X509V3_R_INVALID_OBJECT_IDENTIFIER) | ||
| 159 | X509V3_conf_err(val); | ||
| 160 | return NULL; | ||
| 159 | } | 161 | } |