diff options
| author | tb <> | 2023-05-05 14:05:33 +0000 |
|---|---|---|
| committer | tb <> | 2023-05-05 14:05:33 +0000 |
| commit | 3f6684ef99f4b237e9f27aff6c9cbd5ec55f5939 (patch) | |
| tree | 62f72dc86b9dd5426b96b7010a8bf96d9e5401c5 /src | |
| parent | 8ea4c2a512bf29a8ba458782be6c1306906080ec (diff) | |
| download | openbsd-3f6684ef99f4b237e9f27aff6c9cbd5ec55f5939.tar.gz openbsd-3f6684ef99f4b237e9f27aff6c9cbd5ec55f5939.tar.bz2 openbsd-3f6684ef99f4b237e9f27aff6c9cbd5ec55f5939.zip | |
Fix error handling in tls_check_common_name()
A calloc failure should be a fatal error, so make it return -1.
Also switch the default rv to -1 and distinguish error cases with
acceptable situations with goto err/goto done.
ok jsing
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libtls/tls_verify.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/src/lib/libtls/tls_verify.c b/src/lib/libtls/tls_verify.c index acbe163ffd..685146a4a9 100644 --- a/src/lib/libtls/tls_verify.c +++ b/src/lib/libtls/tls_verify.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls_verify.c,v 1.20 2018/02/05 00:52:24 jsing Exp $ */ | 1 | /* $OpenBSD: tls_verify.c,v 1.21 2023/05/05 14:05:33 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> | 3 | * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> |
| 4 | * | 4 | * |
| @@ -209,7 +209,7 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, | |||
| 209 | char *common_name = NULL; | 209 | char *common_name = NULL; |
| 210 | union tls_addr addrbuf; | 210 | union tls_addr addrbuf; |
| 211 | int common_name_len; | 211 | int common_name_len; |
| 212 | int rv = 0; | 212 | int rv = -1; |
| 213 | 213 | ||
| 214 | *cn_match = 0; | 214 | *cn_match = 0; |
| 215 | 215 | ||
| @@ -223,8 +223,10 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, | |||
| 223 | goto done; | 223 | goto done; |
| 224 | 224 | ||
| 225 | common_name = calloc(common_name_len + 1, 1); | 225 | common_name = calloc(common_name_len + 1, 1); |
| 226 | if (common_name == NULL) | 226 | if (common_name == NULL) { |
| 227 | goto done; | 227 | tls_set_error(ctx, "out of memory"); |
| 228 | goto err; | ||
| 229 | } | ||
| 228 | 230 | ||
| 229 | X509_NAME_get_text_by_NID(subject_name, NID_commonName, common_name, | 231 | X509_NAME_get_text_by_NID(subject_name, NID_commonName, common_name, |
| 230 | common_name_len + 1); | 232 | common_name_len + 1); |
| @@ -235,8 +237,7 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, | |||
| 235 | tls_set_errorx(ctx, "error verifying name '%s': " | 237 | tls_set_errorx(ctx, "error verifying name '%s': " |
| 236 | "NUL byte in Common Name field, " | 238 | "NUL byte in Common Name field, " |
| 237 | "probably a malicious certificate", name); | 239 | "probably a malicious certificate", name); |
| 238 | rv = -1; | 240 | goto err; |
| 239 | goto done; | ||
| 240 | } | 241 | } |
| 241 | 242 | ||
| 242 | /* | 243 | /* |
| @@ -254,6 +255,9 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, | |||
| 254 | *cn_match = 1; | 255 | *cn_match = 1; |
| 255 | 256 | ||
| 256 | done: | 257 | done: |
| 258 | rv = 0; | ||
| 259 | |||
| 260 | err: | ||
| 257 | free(common_name); | 261 | free(common_name); |
| 258 | return rv; | 262 | return rv; |
| 259 | } | 263 | } |