wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Avoid NULL pointer dereference. Fixes #9043.

Browse source 
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9059)
This commit is contained in:
Dmitry Belyavskiy 2019-07-08 20:14:50 +10:00 committed by Pauli
parent b97a28b19d
commit 9fd6f7d1cd
5 changed files with 20 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
apps/req.c
View file

@ -933,9 +933,19 @@ int req_main(int argc, char **argv)
if (text) { if (text) {
if (x509) if (x509)
X509_print_ex(out, x509ss, get_nameopt(), reqflag); ret = X509_print_ex(out, x509ss, get_nameopt(), reqflag);
else else
X509_REQ_print_ex(out, req, get_nameopt(), reqflag); ret = X509_REQ_print_ex(out, req, get_nameopt(), reqflag);
if (ret == 0) {
if (x509)
BIO_printf(bio_err, "Error printing certificate\n");
else
BIO_printf(bio_err, "Error printing certificate request\n");
ERR_print_errors(bio_err);
goto end;
}
} }
if (subject) { if (subject) {

1
crypto/err/openssl.txt
View file

@ -3221,6 +3221,7 @@ X509_R_CERT_ALREADY_IN_HASH_TABLE:101:cert already in hash table
X509_R_CRL_ALREADY_DELTA:127:crl already delta X509_R_CRL_ALREADY_DELTA:127:crl already delta
X509_R_CRL_VERIFY_FAILURE:131:crl verify failure X509_R_CRL_VERIFY_FAILURE:131:crl verify failure
X509_R_IDP_MISMATCH:128:idp mismatch X509_R_IDP_MISMATCH:128:idp mismatch
X509_R_INVALID_ATTRIBUTES:138:invalid attributes
X509_R_INVALID_DIRECTORY:113:invalid directory X509_R_INVALID_DIRECTORY:113:invalid directory
X509_R_INVALID_FIELD_NAME:119:invalid field name X509_R_INVALID_FIELD_NAME:119:invalid field name
X509_R_INVALID_TRUST:123:invalid trust X509_R_INVALID_TRUST:123:invalid trust

4
crypto/x509/t_req.c
View file

@ -127,6 +127,10 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
if ((j = i2a_ASN1_OBJECT(bp, aobj)) > 0) { if ((j = i2a_ASN1_OBJECT(bp, aobj)) > 0) {
ii = 0; ii = 0;
count = X509_ATTRIBUTE_count(a); count = X509_ATTRIBUTE_count(a);
if (count == 0) {
X509err(X509_F_X509_REQ_PRINT_EX, X509_R_INVALID_ATTRIBUTES);
return 0;
}
get_next: get_next:
at = X509_ATTRIBUTE_get0_type(a, ii); at = X509_ATTRIBUTE_get0_type(a, ii);
type = at->type; type = at->type;

2
crypto/x509/x509_err.c
View file

@ -129,6 +129,8 @@ static const ERR_STRING_DATA X509_str_reasons[] = {
{ERR_PACK(ERR_LIB_X509, 0, X509_R_CRL_VERIFY_FAILURE), {ERR_PACK(ERR_LIB_X509, 0, X509_R_CRL_VERIFY_FAILURE),
"crl verify failure"}, "crl verify failure"},
{ERR_PACK(ERR_LIB_X509, 0, X509_R_IDP_MISMATCH), "idp mismatch"}, {ERR_PACK(ERR_LIB_X509, 0, X509_R_IDP_MISMATCH), "idp mismatch"},
{ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_ATTRIBUTES),
"invalid attributes"},
{ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_DIRECTORY), "invalid directory"}, {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_DIRECTORY), "invalid directory"},
{ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_FIELD_NAME), {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_FIELD_NAME),
"invalid field name"}, "invalid field name"},

1
include/openssl/x509err.h
View file

@ -102,6 +102,7 @@ int ERR_load_X509_strings(void);
# define X509_R_CRL_ALREADY_DELTA 127 # define X509_R_CRL_ALREADY_DELTA 127
# define X509_R_CRL_VERIFY_FAILURE 131 # define X509_R_CRL_VERIFY_FAILURE 131
# define X509_R_IDP_MISMATCH 128 # define X509_R_IDP_MISMATCH 128
# define X509_R_INVALID_ATTRIBUTES 138
# define X509_R_INVALID_DIRECTORY 113 # define X509_R_INVALID_DIRECTORY 113
# define X509_R_INVALID_FIELD_NAME 119 # define X509_R_INVALID_FIELD_NAME 119
# define X509_R_INVALID_TRUST 123 # define X509_R_INVALID_TRUST 123