[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Richard Levitte levitte at openssl.org
Tue Oct 24 18:53:08 UTC 2017 

The branch OpenSSL_1_1_0-stable has been updated
       via  9d725c0a1a39dd98b720b41b33fcb969c9c50832 (commit)
       via  f7f1ac6cb0a7e96010b1e6273e04ce9e9354601a (commit)
      from  b272c48f5669da6b01bdf079bc24e9ef30ea09b3 (commit)


- Log -----------------------------------------------------------------
commit 9d725c0a1a39dd98b720b41b33fcb969c9c50832
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Oct 24 18:32:22 2017 +0200

    asn1_item_embed_new(): if locking failed, don't call asn1_item_embed_free()
    
    asn1_item_embed_free() will try unlocking and fail in this case, and
    since the new item was just allocated on the heap, free it directly
    with OPENSSL_free() instead.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
    (Merged from https://github.com/openssl/openssl/pull/4579)
    
    (cherry picked from commit fe6fcd31546db1ab019e55edd15c953c5b358559)

commit f7f1ac6cb0a7e96010b1e6273e04ce9e9354601a
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Oct 24 13:39:04 2017 +0200

    asn1_item_embed_new(): don't free an embedded item
    
    The previous change with this intention didn't quite do it.  An
    embedded item must not be freed itself, but might potentially contain
    non-embedded elements, which must be freed.
    
    So instead of calling ASN1_item_ex_free(), where we can't pass the
    embed flag, we call asn1_item_embed_free() directly.
    
    This changes asn1_item_embed_free() from being a static function to
    being a private non-static function.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
    (Merged from https://github.com/openssl/openssl/pull/4579)
    
    (cherry picked from commit 03996c19c30575c48b254f10625d24f86058605b)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/asn1_locl.h |  1 +
 crypto/asn1/tasn_fre.c  |  6 +-----
 crypto/asn1/tasn_new.c  | 15 +++++++++------
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_locl.h
index 9470c7d..9a47b1e 100644
--- a/crypto/asn1/asn1_locl.h
+++ b/crypto/asn1/asn1_locl.h
@@ -65,6 +65,7 @@ int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
 int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
                   const ASN1_ITEM *it);
 
+void asn1_item_embed_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed);
 void asn1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed);
 void asn1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
 
diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
index ae91461..bbce489 100644
--- a/crypto/asn1/tasn_fre.c
+++ b/crypto/asn1/tasn_fre.c
@@ -13,9 +13,6 @@
 #include <openssl/objects.h>
 #include "asn1_locl.h"
 
-static void asn1_item_embed_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
-                                 int embed);
-
 /* Free up an ASN1 structure */
 
 void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it)
@@ -28,8 +25,7 @@ void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
     asn1_item_embed_free(pval, it, 0);
 }
 
-static void asn1_item_embed_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
-                                 int embed)
+void asn1_item_embed_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
 {
     const ASN1_TEMPLATE *tt = NULL, *seqtt;
     const ASN1_EXTERN_FUNCS *ef;
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index 7608b43..11c8040 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -124,8 +124,13 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
                 goto memerr;
         }
         /* 0 : init. lock */
-        if (asn1_do_lock(pval, 0, it) < 0)
-            goto memerr2;
+        if (asn1_do_lock(pval, 0, it) < 0) {
+            if (!embed) {
+                OPENSSL_free(*pval);
+                *pval = NULL;
+            }
+            goto memerr;
+        }
         asn1_enc_init(pval, it);
         for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
             pseqval = asn1_get_field_ptr(pval, tt);
@@ -142,8 +147,7 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
     return 1;
 
  memerr2:
-    if (!embed)
-        ASN1_item_ex_free(pval, it);
+    asn1_item_embed_free(pval, it, embed);
  memerr:
     ASN1err(ASN1_F_ASN1_ITEM_EMBED_NEW, ERR_R_MALLOC_FAILURE);
 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
@@ -152,8 +156,7 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
     return 0;
 
  auxerr2:
-    if (!embed)
-        ASN1_item_ex_free(pval, it);
+    asn1_item_embed_free(pval, it, embed);
  auxerr:
     ASN1err(ASN1_F_ASN1_ITEM_EMBED_NEW, ASN1_R_AUX_ERROR);
 #ifndef OPENSSL_NO_CRYPTO_MDEBUG

More information about the openssl-commits mailing list