Add error checking to i2v_POLICY_MAPPINGS().

ok jsing
author: tb <> 2019-04-22 17:32:09 +0000
committer: tb <> 2019-04-22 17:32:09 +0000
commit: 3e2a6ad9043599871270c10ce91ea7ef6387184b (patch)
tree: b9c2ccc3164e8528fddc57f77ca3a4c1e1c8950d /src
parent: 307a924ed8f794bf3663e46968cdd7e0eabfd943 (diff)
download: openbsd-3e2a6ad9043599871270c10ce91ea7ef6387184b.tar.gz
openbsd-3e2a6ad9043599871270c10ce91ea7ef6387184b.tar.bz2
openbsd-3e2a6ad9043599871270c10ce91ea7ef6387184b.zip
1 files changed, 26 insertions, 9 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_pmaps.c b/src/lib/libcrypto/x509v3/v3_pmaps.c
index 32ef6be866..b10dfda072 100644
--- a/src/lib/libcrypto/x509v3/v3_pmaps.c
+++ b/src/lib/libcrypto/x509v3/v3_pmaps.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_pmaps.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: v3_pmaps.c,v 1.12 2019/04/22 17:32:09 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -146,21 +146,38 @@ POLICY_MAPPING_free(POLICY_MAPPING *a)
 static STACK_OF(CONF_VALUE) *
 i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, void *a,
-    STACK_OF(CONF_VALUE) *ext_list)
+    STACK_OF(CONF_VALUE) *extlist)
 {
+        STACK_OF(CONF_VALUE) *free_extlist;
        POLICY_MAPPINGS *pmaps = a;
        POLICY_MAPPING *pmap;
+        char issuer[80], subject[80];
        int i;
-        char obj_tmp1[80];
-        char obj_tmp2[80];
+        if (extlist == NULL) {
+                if ((free_extlist = extlist = sk_CONF_VALUE_new_null()) == NULL)
+                        return NULL;
+        }
        for (i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) {
-                pmap = sk_POLICY_MAPPING_value(pmaps, i);
+                if ((pmap = sk_POLICY_MAPPING_value(pmaps, i)) == NULL)
-                i2t_ASN1_OBJECT(obj_tmp1, 80, pmap->issuerDomainPolicy);
+                        goto err;
-                i2t_ASN1_OBJECT(obj_tmp2, 80, pmap->subjectDomainPolicy);
+                if (!i2t_ASN1_OBJECT(issuer, sizeof issuer,
-                X509V3_add_value(obj_tmp1, obj_tmp2, &ext_list);
+                    pmap->issuerDomainPolicy))
+                        goto err;
+                if (!i2t_ASN1_OBJECT(subject, sizeof subject,
+                    pmap->subjectDomainPolicy))
+                        goto err;
+                if (!X509V3_add_value(issuer, subject, &extlist))
+                        goto err;
        }
-        return ext_list;
+        return extlist;
+ err:
+        sk_CONF_VALUE_pop_free(free_extlist, X509V3_conf_free);
+        return NULL;
 }
 static void *
author	tb <>	2019-04-22 17:32:09 +0000
committer	tb <>	2019-04-22 17:32:09 +0000
commit	3e2a6ad9043599871270c10ce91ea7ef6387184b (patch)
tree	b9c2ccc3164e8528fddc57f77ca3a4c1e1c8950d /src
parent	307a924ed8f794bf3663e46968cdd7e0eabfd943 (diff)
download	openbsd-3e2a6ad9043599871270c10ce91ea7ef6387184b.tar.gz openbsd-3e2a6ad9043599871270c10ce91ea7ef6387184b.tar.bz2 openbsd-3e2a6ad9043599871270c10ce91ea7ef6387184b.zip

diff --git a/src/lib/libcrypto/x509v3/v3_pmaps.c b/src/lib/libcrypto/x509v3/v3_pmaps.c index 32ef6be866..b10dfda072 100644 --- a/src/lib/libcrypto/x509v3/v3_pmaps.c +++ b/src/lib/libcrypto/x509v3/v3_pmaps.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: v3_pmaps.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */	1	/* $OpenBSD: v3_pmaps.c,v 1.12 2019/04/22 17:32:09 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project.	3	* project.
4	*/	4	*/
@@ -146,21 +146,38 @@ POLICY_MAPPING_free(POLICY_MAPPING *a)
146		146
147	static STACK_OF(CONF_VALUE) *	147	static STACK_OF(CONF_VALUE) *
148	i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD method, void a,	148	i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD method, void a,
149	STACK_OF(CONF_VALUE) *ext_list)	149	STACK_OF(CONF_VALUE) *extlist)
150	{	150	{
		151	STACK_OF(CONF_VALUE) *free_extlist;
151	POLICY_MAPPINGS *pmaps = a;	152	POLICY_MAPPINGS *pmaps = a;
152	POLICY_MAPPING *pmap;	153	POLICY_MAPPING *pmap;
		154	char issuer[80], subject[80];
153	int i;	155	int i;
154	char obj_tmp1[80];	156
155	char obj_tmp2[80];	157	if (extlist == NULL) {
		158	if ((free_extlist = extlist = sk_CONF_VALUE_new_null()) == NULL)
		159	return NULL;
		160	}
156		161
157	for (i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) {	162	for (i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) {
158	pmap = sk_POLICY_MAPPING_value(pmaps, i);	163	if ((pmap = sk_POLICY_MAPPING_value(pmaps, i)) == NULL)
159	i2t_ASN1_OBJECT(obj_tmp1, 80, pmap->issuerDomainPolicy);	164	goto err;
160	i2t_ASN1_OBJECT(obj_tmp2, 80, pmap->subjectDomainPolicy);	165	if (!i2t_ASN1_OBJECT(issuer, sizeof issuer,
161	X509V3_add_value(obj_tmp1, obj_tmp2, &ext_list);	166	pmap->issuerDomainPolicy))
		167	goto err;
		168	if (!i2t_ASN1_OBJECT(subject, sizeof subject,
		169	pmap->subjectDomainPolicy))
		170	goto err;
		171	if (!X509V3_add_value(issuer, subject, &extlist))
		172	goto err;
162	}	173	}
163	return ext_list;	174
		175	return extlist;
		176
		177	err:
		178	sk_CONF_VALUE_pop_free(free_extlist, X509V3_conf_free);
		179
		180	return NULL;
164	}	181	}
165		182
166	static void *	183	static void *