[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

Kurt Roeckx kurt at openssl.org
Sat Oct 3 12:04:37 UTC 2015


The branch OpenSSL_1_0_1-stable has been updated
       via  67d42531744e56d11212ee000e4559cf95ac57a7 (commit)
      from  978c8aa8b79692d193437d28e2485ec5ffa9d6cc (commit)


- Log -----------------------------------------------------------------
commit 67d42531744e56d11212ee000e4559cf95ac57a7
Author: Kurt Roeckx <kurt at roeckx.be>
Date:   Tue Sep 29 19:59:48 2015 +0200

    Fix more d2i cases to properly update the input pointer
    
    Thanks to David Benjamin <davidben at google.com> for pointing them out.
    
    Reviewed-by: Steve Henson <steve at openssl.org>
    MR #1198
    
    (cherry picked from commit 605236f6a8fe0743af2f63d93239a74c69dae137)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/d2i_pr.c | 8 +++++---
 crypto/asn1/x_x509.c | 4 +---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index 314f4e3..d21829a 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -104,7 +104,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
             EVP_PKEY_free(ret);
             ret = EVP_PKCS82PKEY(p8);
             PKCS8_PRIV_KEY_INFO_free(p8);
-
+            if (ret == NULL)
+                goto err;
         } else {
             ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
             goto err;
@@ -160,8 +161,9 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
         }
         ret = EVP_PKCS82PKEY(p8);
         PKCS8_PRIV_KEY_INFO_free(p8);
-        if (ret != NULL)
-            *pp = p;
+        if (ret == NULL)
+            return NULL;
+        *pp = p;
         if (a) {
             *a = ret;
         }
diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index 916e51f..bcd9166 100644
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -186,9 +186,7 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
         return NULL;
     /* update length */
     length -= q - *pp;
-    if (!length)
-        return ret;
-    if (!d2i_X509_CERT_AUX(&ret->aux, &q, length))
+    if (length > 0 && !d2i_X509_CERT_AUX(&ret->aux, &q, length))
         goto err;
     *pp = q;
     return ret;


More information about the openssl-commits mailing list