diff options
| author | marha <marha@users.sourceforge.net> | 2015-04-20 23:05:23 +0200 |
|---|---|---|
| committer | marha <marha@users.sourceforge.net> | 2015-04-20 23:05:23 +0200 |
| commit | 0f7871ff824bcf064db3ab6bdfe26645ba6c8087 (patch) | |
| tree | 90d3d2b6112e083289c9cf68146852087814f6d3 /openssl/crypto/x509v3 | |
| parent | 934184bfecd402aae891b8740d788b486aa7269f (diff) | |
| parent | 2a00e489122f6c4b525090dbdba2855a2ea2d519 (diff) | |
| download | vcxsrv-0f7871ff824bcf064db3ab6bdfe26645ba6c8087.tar.gz vcxsrv-0f7871ff824bcf064db3ab6bdfe26645ba6c8087.tar.bz2 vcxsrv-0f7871ff824bcf064db3ab6bdfe26645ba6c8087.zip | |
Merge remote-tracking branch 'origin/released'
Conflicts:
openssl/Makefile
Diffstat (limited to 'openssl/crypto/x509v3')
| -rw-r--r-- | openssl/crypto/x509v3/v3_cpols.c | 16 | ||||
| -rw-r--r-- | openssl/crypto/x509v3/v3_utl.c | 7 |
2 files changed, 18 insertions, 5 deletions
diff --git a/openssl/crypto/x509v3/v3_cpols.c b/openssl/crypto/x509v3/v3_cpols.c index 476d51c0b..dca6ab2ec 100644 --- a/openssl/crypto/x509v3/v3_cpols.c +++ b/openssl/crypto/x509v3/v3_cpols.c @@ -230,8 +230,12 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, goto merr; if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) goto merr; - qual->pqualid = OBJ_nid2obj(NID_id_qt_cps); - qual->d.cpsuri = M_ASN1_IA5STRING_new(); + if(!(qual->pqualid = OBJ_nid2obj(NID_id_qt_cps))) { + X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR); + goto err; + } + if(!(qual->d.cpsuri = M_ASN1_IA5STRING_new())) + goto merr; if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value, strlen(cnf->value))) goto merr; @@ -290,14 +294,18 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, POLICYQUALINFO *qual; if (!(qual = POLICYQUALINFO_new())) goto merr; - qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice); + if(!(qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice))) { + X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR); + goto err; + } if (!(not = USERNOTICE_new())) goto merr; qual->d.usernotice = not; for (i = 0; i < sk_CONF_VALUE_num(unot); i++) { cnf = sk_CONF_VALUE_value(unot, i); if (!strcmp(cnf->name, "explicitText")) { - not->exptext = M_ASN1_VISIBLESTRING_new(); + if(!(not->exptext = M_ASN1_VISIBLESTRING_new())) + goto merr; if (!ASN1_STRING_set(not->exptext, cnf->value, strlen(cnf->value))) goto merr; diff --git a/openssl/crypto/x509v3/v3_utl.c b/openssl/crypto/x509v3/v3_utl.c index f65323be0..ed6099e12 100644 --- a/openssl/crypto/x509v3/v3_utl.c +++ b/openssl/crypto/x509v3/v3_utl.c @@ -901,8 +901,13 @@ static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal, int astrlen; unsigned char *astr; astrlen = ASN1_STRING_to_UTF8(&astr, a); - if (astrlen < 0) + if (astrlen < 0) { + /* + * -1 could be an internal malloc failure or a decoding error from + * malformed input; we can't distinguish. + */ return -1; + } rv = equal(astr, astrlen, (unsigned char *)b, blen, flags); if (rv > 0 && peername) *peername = BUF_strndup((char *)astr, astrlen); |