From e7dbd7a1e2ad3e12dafa2919bc8603d60416ea4d Mon Sep 17 00:00:00 2001
From: beck <>
Date: Sat, 26 Apr 2014 18:56:38 +0000
Subject: Replace all use of ERR_add_error_data with ERR_asprintf_error_data.
 This avoids a lot of ugly gymnastics to do snprintfs before sending the bag
 of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it
 was being called with the incorrect number of arguments and using random
 things off the stack as addresses of strings. ok krw@, jsing@

---
 src/lib/libcrypto/ocsp/ocsp_vfy.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'src/lib/libcrypto/ocsp/ocsp_vfy.c')

diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c
index 276718304d..0b181d5abe 100644
--- a/src/lib/libcrypto/ocsp/ocsp_vfy.c
+++ b/src/lib/libcrypto/ocsp/ocsp_vfy.c
@@ -122,9 +122,9 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
 		X509_STORE_CTX_cleanup(&ctx);
                 if (ret <= 0)
 			{
-			i = X509_STORE_CTX_get_error(&ctx);	
+			i = X509_STORE_CTX_get_error(&ctx);
 			OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,OCSP_R_CERTIFICATE_VERIFY_ERROR);
-			ERR_add_error_data(2, "Verify error:",
+			ERR_asprintf_error_data("Verify error:%s",
 					X509_verify_cert_error_string(i));
                         goto end;
                 	}
@@ -421,7 +421,7 @@ int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *st
 			{
 			ret = X509_STORE_CTX_get_error(&ctx);	
 			OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,OCSP_R_CERTIFICATE_VERIFY_ERROR);
-			ERR_add_error_data(2, "Verify error:",
+			ERR_asprintf_error_data("Verify error:%s",
 					X509_verify_cert_error_string(ret));
                         return 0;
                 	}
-- 
cgit v1.2.3-55-g6feb