Check i2d_name_canon() for failure (negative return). Coverity CID 78888.

ok doug@ jsing@
author: miod <> 2015-02-14 15:16:59 +0000
committer: miod <> 2015-02-14 15:16:59 +0000
commit: f6b0c8ad7f8c00e03ee72fd8edb2468a6dea987a (patch)
tree: 45e034643fdda8ea66116aa6f8474bd8dea79b84 /src
parent: 03c6c313948247939e6d31a9c40209243eb569f7 (diff)
download: openbsd-f6b0c8ad7f8c00e03ee72fd8edb2468a6dea987a.tar.gz
openbsd-f6b0c8ad7f8c00e03ee72fd8edb2468a6dea987a.tar.bz2
openbsd-f6b0c8ad7f8c00e03ee72fd8edb2468a6dea987a.zip
2 files changed, 16 insertions, 12 deletions
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
index 910110505d..c69c35534d 100644
--- a/src/lib/libcrypto/asn1/x_name.c
+++ b/src/lib/libcrypto/asn1/x_name.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x_name.c,v 1.26 2015/02/11 04:00:39 jsing Exp $ */
+/* $OpenBSD: x_name.c,v 1.27 2015/02/14 15:16:59 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -422,7 +422,7 @@ x509_name_canon(X509_NAME *a)
        STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
        STACK_OF(X509_NAME_ENTRY) *entries = NULL;
        X509_NAME_ENTRY *entry, *tmpentry = NULL;
-        int i, set = -1, ret = 0;
+        int i, len, set = -1, ret = 0;
        if (a->canon_enc) {
                free(a->canon_enc);
@@ -456,16 +456,18 @@ x509_name_canon(X509_NAME *a)
        }
        /* Finally generate encoding */
-        a->canon_enclen = i2d_name_canon(intname, NULL);
+        len = i2d_name_canon(intname, NULL);
-        p = malloc(a->canon_enclen);
+        if (len < 0)
-        if (!p)
+                goto err;
+        p = malloc(len);
+        if (p == NULL)
                goto err;
        a->canon_enc = p;
+        a->canon_enclen = len;
        i2d_name_canon(intname, &p);
        ret = 1;
 err:
        if (tmpentry)
                X509_NAME_ENTRY_free(tmpentry);
        if (intname)
diff --git a/src/lib/libssl/src/crypto/asn1/x_name.c b/src/lib/libssl/src/crypto/asn1/x_name.c
index 910110505d..c69c35534d 100644
--- a/src/lib/libssl/src/crypto/asn1/x_name.c
+++ b/src/lib/libssl/src/crypto/asn1/x_name.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x_name.c,v 1.26 2015/02/11 04:00:39 jsing Exp $ */
+/* $OpenBSD: x_name.c,v 1.27 2015/02/14 15:16:59 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -422,7 +422,7 @@ x509_name_canon(X509_NAME *a)
        STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
        STACK_OF(X509_NAME_ENTRY) *entries = NULL;
        X509_NAME_ENTRY *entry, *tmpentry = NULL;
-        int i, set = -1, ret = 0;
+        int i, len, set = -1, ret = 0;
        if (a->canon_enc) {
                free(a->canon_enc);
@@ -456,16 +456,18 @@ x509_name_canon(X509_NAME *a)
        }
        /* Finally generate encoding */
-        a->canon_enclen = i2d_name_canon(intname, NULL);
+        len = i2d_name_canon(intname, NULL);
-        p = malloc(a->canon_enclen);
+        if (len < 0)
-        if (!p)
+                goto err;
+        p = malloc(len);
+        if (p == NULL)
                goto err;
        a->canon_enc = p;
+        a->canon_enclen = len;
        i2d_name_canon(intname, &p);
        ret = 1;
 err:
        if (tmpentry)
                X509_NAME_ENTRY_free(tmpentry);
        if (intname)
author	miod <>	2015-02-14 15:16:59 +0000
committer	miod <>	2015-02-14 15:16:59 +0000
commit	f6b0c8ad7f8c00e03ee72fd8edb2468a6dea987a (patch)
tree	45e034643fdda8ea66116aa6f8474bd8dea79b84 /src
parent	03c6c313948247939e6d31a9c40209243eb569f7 (diff)
download	openbsd-f6b0c8ad7f8c00e03ee72fd8edb2468a6dea987a.tar.gz openbsd-f6b0c8ad7f8c00e03ee72fd8edb2468a6dea987a.tar.bz2 openbsd-f6b0c8ad7f8c00e03ee72fd8edb2468a6dea987a.zip