[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Richard Levitte levitte at openssl.org
Tue Oct 24 18:54:47 UTC 2017 

The branch OpenSSL_1_0_2-stable has been updated
       via  65d414434aeecd5aa86a46adbfbcb59b4344503a (commit)
      from  deee898ef94a176a22fce3b9effc957cb75bb535 (commit)


- Log -----------------------------------------------------------------
commit 65d414434aeecd5aa86a46adbfbcb59b4344503a
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Oct 24 13:42:41 2017 +0200

    asn1_item_embed_new(): don't free an embedded item
    
    The previous change with this intention didn't quite do it.  An
    embedded item must not be freed itself, but might potentially contain
    non-embedded elements, which must be freed.
    
    So instead of calling ASN1_item_ex_free(), where we can't pass the
    combine flag, we call asn1_item_embed_free() directly.
    
    This changes asn1_item_embed_free() from being a static function to
    being a private non-static function.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
    (Merged from https://github.com/openssl/openssl/pull/4578)

-----------------------------------------------------------------------

Summary of changes:
 crypto/{pem/pem_x509.c => asn1/asn1_int.h} | 17 ++++++-----------
 crypto/asn1/tasn_fre.c                     |  7 ++-----
 crypto/asn1/tasn_new.c                     |  7 +++----
 3 files changed, 11 insertions(+), 20 deletions(-)
 copy crypto/{pem/pem_x509.c => asn1/asn1_int.h} (89%)

diff --git a/crypto/pem/pem_x509.c b/crypto/asn1/asn1_int.h
similarity index 89%
copy from crypto/pem/pem_x509.c
copy to crypto/asn1/asn1_int.h
index 3c20ff2..c9fd8b1 100644
--- a/crypto/pem/pem_x509.c
+++ b/crypto/asn1/asn1_int.h
@@ -1,10 +1,10 @@
-/* pem_x509.c */
+/* asn1t.h */
 /*
  * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
- * 2001.
+ * 2006.
  */
 /* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -57,12 +57,7 @@
  *
  */
 
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
+/* Internal ASN1 template structures and functions: not for application use */
 
-IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
+void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
+                            int combine);
diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
index aeea4ef..0cf7510 100644
--- a/crypto/asn1/tasn_fre.c
+++ b/crypto/asn1/tasn_fre.c
@@ -61,9 +61,7 @@
 #include <openssl/asn1.h>
 #include <openssl/asn1t.h>
 #include <openssl/objects.h>
-
-static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
-                                   int combine);
+#include "asn1_int.h"
 
 /* Free up an ASN1 structure */
 
@@ -77,8 +75,7 @@ void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
     asn1_item_combine_free(pval, it, 0);
 }
 
-static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
-                                   int combine)
+void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
 {
     const ASN1_TEMPLATE *tt = NULL, *seqtt;
     const ASN1_EXTERN_FUNCS *ef;
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index 1e21da2..6ba9026 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -63,6 +63,7 @@
 #include <openssl/err.h>
 #include <openssl/asn1t.h>
 #include <string.h>
+#include "asn1_int.h"
 
 static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
                                     int combine);
@@ -199,8 +200,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
     return 1;
 
  memerr2:
-    if (!combine)
-        ASN1_item_ex_free(pval, it);
+    asn1_item_combine_free(pval, it, combine);
  memerr:
     ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
 #ifdef CRYPTO_MDEBUG
@@ -210,8 +210,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
     return 0;
 
  auxerr2:
-    if (!combine)
-        ASN1_item_ex_free(pval, it);
+    asn1_item_combine_free(pval, it, combine);
  auxerr:
     ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
 #ifdef CRYPTO_MDEBUG

More information about the openssl-commits mailing list