Revert previous, which was wrong as noted by schwarze. Also revert a hunk

from r1.45 and thereby avoid a use-after-free spotted by schwarze. ok schwarze
author: tb <> 2018-08-16 16:56:51 +0000
committer: tb <> 2018-08-16 16:56:51 +0000
commit: 61047d88f0630349c7e9d77bb765951611173867 (patch)
tree: 55a8048deedec579c8d8d4dc9a2c56a4991eac9f /src
parent: b7b733d215deb5e8e504a7261bb09f358effe41a (diff)
download: openbsd-61047d88f0630349c7e9d77bb765951611173867.tar.gz
openbsd-61047d88f0630349c7e9d77bb765951611173867.tar.bz2
openbsd-61047d88f0630349c7e9d77bb765951611173867.zip
1 files changed, 7 insertions, 4 deletions
diff --git a/src/usr.bin/openssl/apps.c b/src/usr.bin/openssl/apps.c
index 55a455069e..3febc15d2b 100644
--- a/src/usr.bin/openssl/apps.c
+++ b/src/usr.bin/openssl/apps.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: apps.c,v 1.48 2018/08/16 10:26:34 rob Exp $ */
+/* $OpenBSD: apps.c,v 1.49 2018/08/16 16:56:51 tb Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -2050,10 +2050,12 @@ policies_print(BIO *out, X509_STORE_CTX *ctx)
 {
        X509_POLICY_TREE *tree;
        int explicit_policy;
+        int free_out = 0;
-        if (out == NULL)
+        if (out == NULL) {
                out = BIO_new_fp(stderr, BIO_NOCLOSE);
+                free_out = 1;
+        }
        tree = X509_STORE_CTX_get0_policy_tree(ctx);
        explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx);
@@ -2063,7 +2065,8 @@ policies_print(BIO *out, X509_STORE_CTX *ctx)
        nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree));
        nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree));
-        BIO_free(out);
+        if (free_out)
+                BIO_free(out);
 }
 /*
author	tb <>	2018-08-16 16:56:51 +0000
committer	tb <>	2018-08-16 16:56:51 +0000
commit	61047d88f0630349c7e9d77bb765951611173867 (patch)
tree	55a8048deedec579c8d8d4dc9a2c56a4991eac9f /src
parent	b7b733d215deb5e8e504a7261bb09f358effe41a (diff)
download	openbsd-61047d88f0630349c7e9d77bb765951611173867.tar.gz openbsd-61047d88f0630349c7e9d77bb765951611173867.tar.bz2 openbsd-61047d88f0630349c7e9d77bb765951611173867.zip

diff --git a/src/usr.bin/openssl/apps.c b/src/usr.bin/openssl/apps.c index 55a455069e..3febc15d2b 100644 --- a/src/usr.bin/openssl/apps.c +++ b/src/usr.bin/openssl/apps.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: apps.c,v 1.48 2018/08/16 10:26:34 rob Exp $ */	1	/* $OpenBSD: apps.c,v 1.49 2018/08/16 16:56:51 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -2050,10 +2050,12 @@ policies_print(BIO out, X509_STORE_CTX ctx)
2050	{	2050	{
2051	X509_POLICY_TREE *tree;	2051	X509_POLICY_TREE *tree;
2052	int explicit_policy;	2052	int explicit_policy;
		2053	int free_out = 0;
2053		2054
2054	if (out == NULL)	2055	if (out == NULL) {
2055	out = BIO_new_fp(stderr, BIO_NOCLOSE);	2056	out = BIO_new_fp(stderr, BIO_NOCLOSE);
2056		2057	free_out = 1;
		2058	}
2057	tree = X509_STORE_CTX_get0_policy_tree(ctx);	2059	tree = X509_STORE_CTX_get0_policy_tree(ctx);
2058	explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx);	2060	explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx);
2059		2061
@@ -2063,7 +2065,8 @@ policies_print(BIO out, X509_STORE_CTX ctx)
2063	nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree));	2065	nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree));
2064	nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree));	2066	nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree));
2065		2067
2066	BIO_free(out);	2068	if (free_out)
		2069	BIO_free(out);
2067	}	2070	}
2068		2071
2069	/*	2072	/*