From f50c11ca40132a556880d11172694dfec6b90ad2 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 7 Sep 2000 17:42:25 +0000 Subject: [PATCH] Ugh, BIO_find_type() cannot be passed a NULL. Fix doc example, and fix BIO_find_type(). Fix PKCS7_verify(). It was using 'i' for both the loop variable and the verify return value. --- CHANGES | 4 ++++ crypto/bio/bio_lib.c | 1 + crypto/pkcs7/pk7_smime.c | 6 +++--- doc/crypto/BIO_find_type.pod | 9 +++++++-- 4 files changed, 15 insertions(+), 5 deletions(-) diff --git a/CHANGES b/CHANGES index 5ada535aba..01f8d5b87a 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.5a and 0.9.6 [xx XXX 2000] + *) Fix bug in PKCS7_verify() which caused an infinite loop + if there was more than one signature. + [Sven Uszpelkat ] + *) Major change in util/mkdef.pl to include extra information about each symbol, as well as presentig variables as well as functions. This change means that there's n more need diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c index fa32df041e..381afc9b8e 100644 --- a/crypto/bio/bio_lib.c +++ b/crypto/bio/bio_lib.c @@ -418,6 +418,7 @@ BIO *BIO_find_type(BIO *bio, int type) { int mt,mask; + if(!bio) return NULL; mask=type&0xff; do { if (bio->method != NULL) diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c index 19e0b28a39..c8cd5a7f73 100644 --- a/crypto/pkcs7/pk7_smime.c +++ b/crypto/pkcs7/pk7_smime.c @@ -153,7 +153,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, PKCS7_SIGNER_INFO *si; X509_STORE_CTX cert_ctx; char buf[4096]; - int i, j=0; + int i, j=0, k; BIO *p7bio; BIO *tmpout; @@ -193,8 +193,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, /* Now verify the certificates */ - if (!(flags & PKCS7_NOVERIFY)) for (i = 0; i < sk_X509_num(signers); i++) { - signer = sk_X509_value (signers, i); + if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) { + signer = sk_X509_value (signers, k); if (!(flags & PKCS7_NOCHAIN)) { X509_STORE_CTX_init(&cert_ctx, store, signer, p7->d.sign->cert); diff --git a/doc/crypto/BIO_find_type.pod b/doc/crypto/BIO_find_type.pod index 1a1d6bfad5..cc18c06228 100644 --- a/doc/crypto/BIO_find_type.pod +++ b/doc/crypto/BIO_find_type.pod @@ -71,6 +71,11 @@ use: next = bio->next_bio; +=head1 BUGS + +BIO_find_type() in OpenSSL 0.9.5a and earlier could not be safely passed a +NULL pointer for the B argument. + =head1 EXAMPLE Traverse a chain looking for digest BIOs: @@ -78,14 +83,14 @@ Traverse a chain looking for digest BIOs: BIO *btmp; btmp = in_bio; /* in_bio is chain to search through */ - for(;;) { + do { btmp = BIO_find_type(btmp, BIO_TYPE_MD); if(btmp == NULL) break; /* Not found */ /* btmp is a digest BIO, do something with it ...*/ ... btmp = BIO_next(btmp); - } + } while(btmp); =head1 SEE ALSO