[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
Matt Caswell
matt at openssl.org
Tue Apr 26 13:42:32 UTC 2016
The branch OpenSSL_1_0_1-stable has been updated
via a04d08fc18e3dba21dfce71e55f0decb971f9b91 (commit)
from 1ee454157636a69400af56ea19f57c0b05c344ef (commit)
- Log -----------------------------------------------------------------
commit a04d08fc18e3dba21dfce71e55f0decb971f9b91
Author: Matt Caswell <matt at openssl.org>
Date: Mon Apr 25 16:05:55 2016 +0100
Ensure we check i2d_X509 return val
The i2d_X509() function can return a negative value on error. Therefore
we should make sure we check it.
Issue reported by Yuan Jochen Kang.
Reviewed-by: Emilia Käsper <emilia at openssl.org>
(cherry picked from commit 446ba8de9af9aa4fa3debc7c76a38f4efed47a62)
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/x_x509.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index bcd9166..38ede71 100644
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -201,9 +201,18 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
int i2d_X509_AUX(X509 *a, unsigned char **pp)
{
- int length;
+ int length, tmplen;
+ unsigned char *start = *pp;
length = i2d_X509(a, pp);
- if (a)
- length += i2d_X509_CERT_AUX(a->aux, pp);
+ if (length < 0 || a == NULL)
+ return length;
+
+ tmplen = i2d_X509_CERT_AUX(a->aux, pp);
+ if (tmplen < 0) {
+ *pp = start;
+ return tmplen;
+ }
+ length += tmplen;
+
return length;
}
More information about the openssl-commits
mailing list