[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

Sat Apr 11 19:02:00 UTC 2015

The branch OpenSSL_1_0_1-stable has been updated
       via  047cdde7a5a873817ae1aa4205390b2b130eb173 (commit)
       via  10473a5a2cd3fe5be188bddf656c5f1733e220b2 (commit)
      from  bd41063b1163a897333288d9789ac2ace2613783 (commit)


- Log -----------------------------------------------------------------
commit 047cdde7a5a873817ae1aa4205390b2b130eb173
Author: Kurt Roeckx <kurt at roeckx.be>
Date:   Sat Apr 11 16:39:13 2015 +0200

    do_dirname: Don't change gen on failures
    
    It would set gen->d.dirn to a freed pointer in case X509V3_NAME_from_section
    failed.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (cherry picked from commit 8ec5c5dd361343d9017eff8547b19e86e4944ebc)

commit 10473a5a2cd3fe5be188bddf656c5f1733e220b2
Author: Kurt Roeckx <kurt at roeckx.be>
Date:   Sat Apr 11 17:08:38 2015 +0200

    X509_VERIFY_PARAM_free: Check param for NULL
    
    Reviewed-by: Viktor Dukhovni <openssl-users at dukhovni.org>
    (cherry picked from commit f49baeff50d0be9c8d86aed6fb4a08841aa3da41)

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509/x509_vpm.c |  2 ++
 crypto/x509v3/v3_alt.c | 18 ++++++++++--------
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index d054366..6b0bf8a 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -100,6 +100,8 @@ X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
 
 void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
 {
+    if (param == NULL)
+        return;
     x509_verify_param_zero(param);
     OPENSSL_free(param);
 }
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index 807867b..22ec202 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -584,24 +584,26 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
 
 static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
 {
-    int ret;
-    STACK_OF(CONF_VALUE) *sk;
-    X509_NAME *nm;
+    int ret = 0;
+    STACK_OF(CONF_VALUE) *sk = NULL;
+    X509_NAME *nm = NULL;
     if (!(nm = X509_NAME_new()))
-        return 0;
+        goto err;
     sk = X509V3_get_section(ctx, value);
     if (!sk) {
         X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND);
         ERR_add_error_data(2, "section=", value);
-        X509_NAME_free(nm);
-        return 0;
+        goto err;
     }
     /* FIXME: should allow other character types... */
     ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
     if (!ret)
-        X509_NAME_free(nm);
+        goto err;
     gen->d.dirn = nm;
-    X509V3_section_free(ctx, sk);
 
+err:
+    if (ret == 0)
+        X509_NAME_free(nm);
+    X509V3_section_free(ctx, sk);
     return ret;
 }
