aboutsummaryrefslogtreecommitdiff
path: root/openssl/crypto/asn1
diff options
context:
space:
mode:
Diffstat (limited to 'openssl/crypto/asn1')
-rw-r--r--openssl/crypto/asn1/a_object.c30
-rw-r--r--openssl/crypto/asn1/a_utctm.c24
-rw-r--r--openssl/crypto/asn1/ameth_lib.c7
-rw-r--r--openssl/crypto/asn1/asn1_lib.c3
-rw-r--r--openssl/crypto/asn1/asn_mime.c2
-rw-r--r--openssl/crypto/asn1/asn_pack.c12
-rw-r--r--openssl/crypto/asn1/bio_asn1.c3
-rw-r--r--openssl/crypto/asn1/charmap.pl3
-rw-r--r--openssl/crypto/asn1/evp_asn1.c6
-rw-r--r--openssl/crypto/asn1/t_x509.c2
-rw-r--r--openssl/crypto/asn1/tasn_enc.c7
-rw-r--r--openssl/crypto/asn1/x_crl.c1
12 files changed, 81 insertions, 19 deletions
diff --git a/openssl/crypto/asn1/a_object.c b/openssl/crypto/asn1/a_object.c
index 3978c9150..77b276896 100644
--- a/openssl/crypto/asn1/a_object.c
+++ b/openssl/crypto/asn1/a_object.c
@@ -283,17 +283,29 @@ err:
ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
return(NULL);
}
+
ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
long len)
{
ASN1_OBJECT *ret=NULL;
const unsigned char *p;
unsigned char *data;
- int i;
- /* Sanity check OID encoding: can't have leading 0x80 in
- * subidentifiers, see: X.690 8.19.2
+ int i, length;
+
+ /* Sanity check OID encoding.
+ * Need at least one content octet.
+ * MSB must be clear in the last octet.
+ * can't have leading 0x80 in subidentifiers, see: X.690 8.19.2
*/
- for (i = 0, p = *pp; i < len; i++, p++)
+ if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
+ p[len - 1] & 0x80)
+ {
+ ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
+ return NULL;
+ }
+ /* Now 0 < len <= INT_MAX, so the cast is safe. */
+ length = (int)len;
+ for (i = 0; i < length; i++, p++)
{
if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
{
@@ -316,23 +328,23 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
data = (unsigned char *)ret->data;
ret->data = NULL;
/* once detached we can change it */
- if ((data == NULL) || (ret->length < len))
+ if ((data == NULL) || (ret->length < length))
{
ret->length=0;
if (data != NULL) OPENSSL_free(data);
- data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
+ data=(unsigned char *)OPENSSL_malloc(length);
if (data == NULL)
{ i=ERR_R_MALLOC_FAILURE; goto err; }
ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
- memcpy(data,p,(int)len);
+ memcpy(data,p,length);
/* reattach data to object, after which it remains const */
ret->data =data;
- ret->length=(int)len;
+ ret->length=length;
ret->sn=NULL;
ret->ln=NULL;
/* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
- p+=len;
+ p+=length;
if (a != NULL) (*a)=ret;
*pp=p;
diff --git a/openssl/crypto/asn1/a_utctm.c b/openssl/crypto/asn1/a_utctm.c
index 072e23659..bbdc9b322 100644
--- a/openssl/crypto/asn1/a_utctm.c
+++ b/openssl/crypto/asn1/a_utctm.c
@@ -196,24 +196,29 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
struct tm *ts;
struct tm data;
size_t len = 20;
+ int free_s = 0;
if (s == NULL)
+ {
+ free_s = 1;
s=M_ASN1_UTCTIME_new();
+ }
if (s == NULL)
- return(NULL);
+ goto err;
+
ts=OPENSSL_gmtime(&t, &data);
if (ts == NULL)
- return(NULL);
+ goto err;
if (offset_day || offset_sec)
{
if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
- return NULL;
+ goto err;
}
if((ts->tm_year < 50) || (ts->tm_year >= 150))
- return NULL;
+ goto err;
p=(char *)s->data;
if ((p == NULL) || ((size_t)s->length < len))
@@ -222,7 +227,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
if (p == NULL)
{
ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE);
- return(NULL);
+ goto err;
}
if (s->data != NULL)
OPENSSL_free(s->data);
@@ -237,6 +242,10 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
ebcdic2ascii(s->data, s->data, s->length);
#endif
return(s);
+ err:
+ if (free_s && s)
+ M_ASN1_UTCTIME_free(s);
+ return NULL;
}
@@ -261,6 +270,11 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
t -= offset*60; /* FIXME: may overflow in extreme cases */
tm = OPENSSL_gmtime(&t, &data);
+ /* NB: -1, 0, 1 already valid return values so use -2 to
+ * indicate error.
+ */
+ if (tm == NULL)
+ return -2;
#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1
year = g2(s->data);
diff --git a/openssl/crypto/asn1/ameth_lib.c b/openssl/crypto/asn1/ameth_lib.c
index a19e058fc..ef153d461 100644
--- a/openssl/crypto/asn1/ameth_lib.c
+++ b/openssl/crypto/asn1/ameth_lib.c
@@ -258,7 +258,12 @@ int EVP_PKEY_asn1_add_alias(int to, int from)
if (!ameth)
return 0;
ameth->pkey_base_id = to;
- return EVP_PKEY_asn1_add0(ameth);
+ if (!EVP_PKEY_asn1_add0(ameth))
+ {
+ EVP_PKEY_asn1_free(ameth);
+ return 0;
+ }
+ return 1;
}
int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags,
diff --git a/openssl/crypto/asn1/asn1_lib.c b/openssl/crypto/asn1/asn1_lib.c
index 1bcb44aee..fa04b08ed 100644
--- a/openssl/crypto/asn1/asn1_lib.c
+++ b/openssl/crypto/asn1/asn1_lib.c
@@ -131,6 +131,9 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
*pclass=xclass;
if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
+ if (inf && !(ret & V_ASN1_CONSTRUCTED))
+ goto err;
+
#if 0
fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
(int)p,*plength,omax,(int)*pp,(int)(p+ *plength),
diff --git a/openssl/crypto/asn1/asn_mime.c b/openssl/crypto/asn1/asn_mime.c
index 54a704a96..13d003bce 100644
--- a/openssl/crypto/asn1/asn_mime.c
+++ b/openssl/crypto/asn1/asn_mime.c
@@ -667,6 +667,8 @@ static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
int len, state, save_state = 0;
headers = sk_MIME_HEADER_new(mime_hdr_cmp);
+ if (!headers)
+ return NULL;
while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
/* If whitespace at line start then continuation line */
if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME;
diff --git a/openssl/crypto/asn1/asn_pack.c b/openssl/crypto/asn1/asn_pack.c
index ad738217d..00dbf5ad3 100644
--- a/openssl/crypto/asn1/asn_pack.c
+++ b/openssl/crypto/asn1/asn_pack.c
@@ -134,15 +134,23 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct)
if (!(octmp->length = i2d(obj, NULL))) {
ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
- return NULL;
+ goto err;
}
if (!(p = OPENSSL_malloc (octmp->length))) {
ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
+ goto err;
}
octmp->data = p;
i2d (obj, &p);
return octmp;
+ err:
+ if (!oct || !*oct)
+ {
+ ASN1_STRING_free(octmp);
+ if (oct)
+ *oct = NULL;
+ }
+ return NULL;
}
#endif
diff --git a/openssl/crypto/asn1/bio_asn1.c b/openssl/crypto/asn1/bio_asn1.c
index dc7efd551..bca4eebf6 100644
--- a/openssl/crypto/asn1/bio_asn1.c
+++ b/openssl/crypto/asn1/bio_asn1.c
@@ -154,7 +154,10 @@ static int asn1_bio_new(BIO *b)
if (!ctx)
return 0;
if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE))
+ {
+ OPENSSL_free(ctx);
return 0;
+ }
b->init = 1;
b->ptr = (char *)ctx;
b->flags = 0;
diff --git a/openssl/crypto/asn1/charmap.pl b/openssl/crypto/asn1/charmap.pl
index 2875c5986..25ebf2c20 100644
--- a/openssl/crypto/asn1/charmap.pl
+++ b/openssl/crypto/asn1/charmap.pl
@@ -1,5 +1,8 @@
#!/usr/local/bin/perl -w
+# Written by Dr Stephen N Henson (steve@openssl.org).
+# Licensed under the terms of the OpenSSL license.
+
use strict;
my ($i, @arr);
diff --git a/openssl/crypto/asn1/evp_asn1.c b/openssl/crypto/asn1/evp_asn1.c
index f3d980486..1b9445973 100644
--- a/openssl/crypto/asn1/evp_asn1.c
+++ b/openssl/crypto/asn1/evp_asn1.c
@@ -66,7 +66,11 @@ int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
ASN1_STRING *os;
if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0);
- if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0);
+ if (!M_ASN1_OCTET_STRING_set(os,data,len))
+ {
+ M_ASN1_OCTET_STRING_free(os);
+ return 0;
+ }
ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os);
return(1);
}
diff --git a/openssl/crypto/asn1/t_x509.c b/openssl/crypto/asn1/t_x509.c
index edbb39a02..8e961f5e7 100644
--- a/openssl/crypto/asn1/t_x509.c
+++ b/openssl/crypto/asn1/t_x509.c
@@ -475,6 +475,8 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
l=80-2-obase;
b=X509_NAME_oneline(name,NULL,0);
+ if (!b)
+ return 0;
if (!*b)
{
OPENSSL_free(b);
diff --git a/openssl/crypto/asn1/tasn_enc.c b/openssl/crypto/asn1/tasn_enc.c
index 936ad1f76..1390e5e6a 100644
--- a/openssl/crypto/asn1/tasn_enc.c
+++ b/openssl/crypto/asn1/tasn_enc.c
@@ -453,9 +453,14 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
{
derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
* sizeof(*derlst));
+ if (!derlst)
+ return 0;
tmpdat = OPENSSL_malloc(skcontlen);
- if (!derlst || !tmpdat)
+ if (!tmpdat)
+ {
+ OPENSSL_free(derlst);
return 0;
+ }
}
}
/* If not sorting just output each item */
diff --git a/openssl/crypto/asn1/x_crl.c b/openssl/crypto/asn1/x_crl.c
index c51c690ba..3f03efbe6 100644
--- a/openssl/crypto/asn1/x_crl.c
+++ b/openssl/crypto/asn1/x_crl.c
@@ -270,6 +270,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
{
/* We handle IDP and deltas */
if ((nid == NID_issuing_distribution_point)
+ || (nid == NID_authority_key_identifier)
|| (nid == NID_delta_crl))
break;;
crl->flags |= EXFLAG_CRITICAL;