diff options
| author | marha <marha@users.sourceforge.net> | 2015-04-20 22:51:55 +0200 |
|---|---|---|
| committer | marha <marha@users.sourceforge.net> | 2015-04-20 22:53:07 +0200 |
| commit | 2a00e489122f6c4b525090dbdba2855a2ea2d519 (patch) | |
| tree | 815e5c842bccb2bc6eb4b2934ef618fe32b820ca /openssl/crypto/x509v3 | |
| parent | 4ba9be2882d9f1567809edb0a31fcdf11320d41f (diff) | |
| download | vcxsrv-2a00e489122f6c4b525090dbdba2855a2ea2d519.tar.gz vcxsrv-2a00e489122f6c4b525090dbdba2855a2ea2d519.tar.bz2 vcxsrv-2a00e489122f6c4b525090dbdba2855a2ea2d519.zip | |
Upgraded to openssl 1.0.2a
Diffstat (limited to 'openssl/crypto/x509v3')
| -rw-r--r-- | openssl/crypto/x509v3/v3_cpols.c | 16 | ||||
| -rw-r--r-- | openssl/crypto/x509v3/v3_utl.c | 7 |
2 files changed, 18 insertions, 5 deletions
diff --git a/openssl/crypto/x509v3/v3_cpols.c b/openssl/crypto/x509v3/v3_cpols.c index 476d51c0b..dca6ab2ec 100644 --- a/openssl/crypto/x509v3/v3_cpols.c +++ b/openssl/crypto/x509v3/v3_cpols.c @@ -230,8 +230,12 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, goto merr; if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) goto merr; - qual->pqualid = OBJ_nid2obj(NID_id_qt_cps); - qual->d.cpsuri = M_ASN1_IA5STRING_new(); + if(!(qual->pqualid = OBJ_nid2obj(NID_id_qt_cps))) { + X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR); + goto err; + } + if(!(qual->d.cpsuri = M_ASN1_IA5STRING_new())) + goto merr; if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value, strlen(cnf->value))) goto merr; @@ -290,14 +294,18 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, POLICYQUALINFO *qual; if (!(qual = POLICYQUALINFO_new())) goto merr; - qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice); + if(!(qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice))) { + X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR); + goto err; + } if (!(not = USERNOTICE_new())) goto merr; qual->d.usernotice = not; for (i = 0; i < sk_CONF_VALUE_num(unot); i++) { cnf = sk_CONF_VALUE_value(unot, i); if (!strcmp(cnf->name, "explicitText")) { - not->exptext = M_ASN1_VISIBLESTRING_new(); + if(!(not->exptext = M_ASN1_VISIBLESTRING_new())) + goto merr; if (!ASN1_STRING_set(not->exptext, cnf->value, strlen(cnf->value))) goto merr; diff --git a/openssl/crypto/x509v3/v3_utl.c b/openssl/crypto/x509v3/v3_utl.c index f65323be0..ed6099e12 100644 --- a/openssl/crypto/x509v3/v3_utl.c +++ b/openssl/crypto/x509v3/v3_utl.c @@ -901,8 +901,13 @@ static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal, int astrlen; unsigned char *astr; astrlen = ASN1_STRING_to_UTF8(&astr, a); - if (astrlen < 0) + if (astrlen < 0) { + /* + * -1 could be an internal malloc failure or a decoding error from + * malformed input; we can't distinguish. + */ return -1; + } rv = equal(astr, astrlen, (unsigned char *)b, blen, flags); if (rv > 0 && peername) *peername = BUF_strndup((char *)astr, astrlen); |