[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Matt Caswell matt at openssl.org
Thu Apr 19 08:00:26 UTC 2018 

The branch OpenSSL_1_1_0-stable has been updated
       via  0e80714fb8175a7c059668e9fab25e4b26a3dae6 (commit)
       via  c02a03bff851cd17c51812643cd1964b7da007f3 (commit)
      from  2add645dfc364cfc609e6138de1bf43c217bb557 (commit)


- Log -----------------------------------------------------------------
commit 0e80714fb8175a7c059668e9fab25e4b26a3dae6
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Apr 18 14:22:36 2018 +0100

    Add a test for a NULL X509_STORE in X509_STORE_CTX_init
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6002)

commit c02a03bff851cd17c51812643cd1964b7da007f3
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Apr 18 14:20:29 2018 +0100

    Don't crash if there are no trusted certs
    
    The X509_STORE_CTX_init() docs explicitly allow a NULL parameter for the
    X509_STORE. Therefore we shouldn't crash if we subsequently call
    X509_verify_cert() and no X509_STORE has been set.
    
    Fixes #2462
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6002)

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509/x509_lu.c    | 15 +++++++++++++--
 test/verify_extra_test.c | 42 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+), 2 deletions(-)

diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 90f2352..db0365c 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -265,6 +265,9 @@ int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
     X509_OBJECT stmp, *tmp;
     int i, j;
 
+    if (ctx == NULL)
+        return 0;
+
     CRYPTO_THREAD_write_lock(ctx->lock);
     tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
     CRYPTO_THREAD_unlock(ctx->lock);
@@ -489,6 +492,9 @@ STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
     X509 *x;
     X509_OBJECT *obj;
 
+    if (ctx->ctx == NULL)
+        return NULL;
+
     CRYPTO_THREAD_write_lock(ctx->ctx->lock);
     idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
     if (idx < 0) {
@@ -538,8 +544,10 @@ STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
     X509_OBJECT *obj, *xobj = X509_OBJECT_new();
 
     /* Always do lookup to possibly add new CRLs to cache */
-    if (sk == NULL || xobj == NULL ||
-            !X509_STORE_CTX_get_by_subject(ctx, X509_LU_CRL, nm, xobj)) {
+    if (sk == NULL
+            || xobj == NULL
+            || ctx->ctx == NULL
+            || !X509_STORE_CTX_get_by_subject(ctx, X509_LU_CRL, nm, xobj)) {
         X509_OBJECT_free(xobj);
         sk_X509_CRL_free(sk);
         return NULL;
@@ -633,6 +641,9 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
     }
     X509_OBJECT_free(obj);
 
+    if (ctx->ctx == NULL)
+        return 0;
+
     /* Else find index of first cert accepted by 'check_issued' */
     ret = 0;
     CRYPTO_THREAD_write_lock(ctx->ctx->lock);
diff --git a/test/verify_extra_test.c b/test/verify_extra_test.c
index cc05bc2..e0dccfb 100644
--- a/test/verify_extra_test.c
+++ b/test/verify_extra_test.c
@@ -137,6 +137,43 @@ static int test_alt_chains_cert_forgery(const char *roots_f,
     return ret;
 }
 
+static int test_store_ctx(const char *bad_f)
+{
+    X509_STORE_CTX *sctx = NULL;
+    X509 *x = NULL;
+    BIO *bio = NULL;
+    int testresult = 0, ret;
+
+    bio = BIO_new_file(bad_f, "r");
+    if (bio == NULL)
+        goto err;
+
+    x = PEM_read_bio_X509(bio, NULL, 0, NULL);
+    if (x == NULL)
+        goto err;
+
+    sctx = X509_STORE_CTX_new();
+    if (sctx == NULL)
+        goto err;
+
+    if (!X509_STORE_CTX_init(sctx, NULL, x, NULL))
+        goto err;
+
+    /* Verifying a cert where we have no trusted certs should fail */
+    ret = X509_verify_cert(sctx);
+
+    if (ret == 0) {
+        /* This is the result we were expecting: Test passed */
+        testresult = 1;
+    }
+
+ err:
+    X509_STORE_CTX_free(sctx);
+    X509_free(x);
+    BIO_free(bio);
+    return testresult;
+}
+
 int main(int argc, char **argv)
 {
     CRYPTO_set_mem_debug(1);
@@ -152,6 +189,11 @@ int main(int argc, char **argv)
         return 1;
     }
 
+    if (!test_store_ctx(argv[3])) {
+        fprintf(stderr, "Test X509_STORE_CTX failed\n");
+        return 1;
+    }
+
 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
     if (CRYPTO_mem_leaks_fp(stderr) <= 0)
         return 1;

More information about the openssl-commits mailing list