diff options
Diffstat (limited to 'src/lib/libcrypto/asn1/a_object.c')
| -rw-r--r-- | src/lib/libcrypto/asn1/a_object.c | 35 |
1 files changed, 9 insertions, 26 deletions
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c index e5fbe7cbb1..dc980421d0 100644 --- a/src/lib/libcrypto/asn1/a_object.c +++ b/src/lib/libcrypto/asn1/a_object.c | |||
| @@ -281,6 +281,8 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, | |||
| 281 | return ret; | 281 | return ret; |
| 282 | err: | 282 | err: |
| 283 | ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); | 283 | ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); |
| 284 | if ((ret != NULL) && ((a == NULL) || (*a != ret))) | ||
| 285 | ASN1_OBJECT_free(ret); | ||
| 284 | return(NULL); | 286 | return(NULL); |
| 285 | } | 287 | } |
| 286 | ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, | 288 | ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, |
| @@ -288,19 +290,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, | |||
| 288 | { | 290 | { |
| 289 | ASN1_OBJECT *ret=NULL; | 291 | ASN1_OBJECT *ret=NULL; |
| 290 | const unsigned char *p; | 292 | const unsigned char *p; |
| 291 | unsigned char *data; | ||
| 292 | int i; | 293 | int i; |
| 293 | /* Sanity check OID encoding: can't have leading 0x80 in | ||
| 294 | * subidentifiers, see: X.690 8.19.2 | ||
| 295 | */ | ||
| 296 | for (i = 0, p = *pp + 1; i < len - 1; i++, p++) | ||
| 297 | { | ||
| 298 | if (*p == 0x80 && (!i || !(p[-1] & 0x80))) | ||
| 299 | { | ||
| 300 | ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING); | ||
| 301 | return NULL; | ||
| 302 | } | ||
| 303 | } | ||
| 304 | 294 | ||
| 305 | /* only the ASN1_OBJECTs from the 'table' will have values | 295 | /* only the ASN1_OBJECTs from the 'table' will have values |
| 306 | * for ->sn or ->ln */ | 296 | * for ->sn or ->ln */ |
| @@ -312,22 +302,15 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, | |||
| 312 | else ret=(*a); | 302 | else ret=(*a); |
| 313 | 303 | ||
| 314 | p= *pp; | 304 | p= *pp; |
| 315 | /* detach data from object */ | 305 | if ((ret->data == NULL) || (ret->length < len)) |
| 316 | data = (unsigned char *)ret->data; | ||
| 317 | ret->data = NULL; | ||
| 318 | /* once detached we can change it */ | ||
| 319 | if ((data == NULL) || (ret->length < len)) | ||
| 320 | { | 306 | { |
| 321 | ret->length=0; | 307 | if (ret->data != NULL) OPENSSL_free(ret->data); |
| 322 | if (data != NULL) OPENSSL_free(data); | 308 | ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); |
| 323 | data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); | ||
| 324 | if (data == NULL) | ||
| 325 | { i=ERR_R_MALLOC_FAILURE; goto err; } | ||
| 326 | ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; | 309 | ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; |
| 310 | if (ret->data == NULL) | ||
| 311 | { i=ERR_R_MALLOC_FAILURE; goto err; } | ||
| 327 | } | 312 | } |
| 328 | memcpy(data,p,(int)len); | 313 | memcpy(ret->data,p,(int)len); |
| 329 | /* reattach data to object, after which it remains const */ | ||
| 330 | ret->data =data; | ||
| 331 | ret->length=(int)len; | 314 | ret->length=(int)len; |
| 332 | ret->sn=NULL; | 315 | ret->sn=NULL; |
| 333 | ret->ln=NULL; | 316 | ret->ln=NULL; |
| @@ -376,7 +359,7 @@ void ASN1_OBJECT_free(ASN1_OBJECT *a) | |||
| 376 | } | 359 | } |
| 377 | if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) | 360 | if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) |
| 378 | { | 361 | { |
| 379 | if (a->data != NULL) OPENSSL_free((void *)a->data); | 362 | if (a->data != NULL) OPENSSL_free(a->data); |
| 380 | a->data=NULL; | 363 | a->data=NULL; |
| 381 | a->length=0; | 364 | a->length=0; |
| 382 | } | 365 | } |