From fef0b61e18b9c7475e4d6e67ddfc55db46573f4e Mon Sep 17 00:00:00 2001 From: marha Date: Wed, 16 Jun 2010 16:17:11 +0000 Subject: Switched to openssl-1.0.0a --- openssl/crypto/x509v3/v3_pci.c | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) (limited to 'openssl/crypto/x509v3/v3_pci.c') diff --git a/openssl/crypto/x509v3/v3_pci.c b/openssl/crypto/x509v3/v3_pci.c index c254b2ff9..0dcfa004f 100644 --- a/openssl/crypto/x509v3/v3_pci.c +++ b/openssl/crypto/x509v3/v3_pci.c @@ -128,7 +128,12 @@ static int process_pci_value(CONF_VALUE *val, unsigned char *tmp_data2 = string_to_hex(val->value + 4, &val_len); - if (!tmp_data2) goto err; + if (!tmp_data2) + { + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_ILLEGAL_HEX_DIGIT); + X509V3_conf_err(val); + goto err; + } tmp_data = OPENSSL_realloc((*policy)->data, (*policy)->length + val_len + 1); @@ -140,6 +145,17 @@ static int process_pci_value(CONF_VALUE *val, (*policy)->length += val_len; (*policy)->data[(*policy)->length] = '\0'; } + else + { + OPENSSL_free(tmp_data2); + /* realloc failure implies the original data space is b0rked too! */ + (*policy)->data = NULL; + (*policy)->length = 0; + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); + X509V3_conf_err(val); + goto err; + } + OPENSSL_free(tmp_data2); } else if (strncmp(val->value, "file:", 5) == 0) { @@ -169,6 +185,7 @@ static int process_pci_value(CONF_VALUE *val, (*policy)->length += n; (*policy)->data[(*policy)->length] = '\0'; } + BIO_free_all(b); if (n < 0) { @@ -190,6 +207,15 @@ static int process_pci_value(CONF_VALUE *val, (*policy)->length += val_len; (*policy)->data[(*policy)->length] = '\0'; } + else + { + /* realloc failure implies the original data space is b0rked too! */ + (*policy)->data = NULL; + (*policy)->length = 0; + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); + X509V3_conf_err(val); + goto err; + } } else { -- cgit v1.2.3