[openssl-commits] [openssl] master update

[Matt Caswell]

The branch master has been updated
       via  cb1c3d1a2714eb69012b079053f7fbcca1acc544 (commit)
      from  62542d046483687330c55b36fa27d82dc03958c2 (commit)


- Log -----------------------------------------------------------------
commit cb1c3d1a2714eb69012b079053f7fbcca1acc544
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Feb 12 17:22:17 2018 +0000

    Make sure we check the return value of extract_min_max()
    
    Commit 42d7d7dd6 turned this function from returning void to
    returning an int error code. This instance of calling it was
    missed.
    
    Found by Coverity.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5338)

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509v3/v3_asid.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
index 6bc4afd..50b8816 100644
--- a/crypto/x509v3/v3_asid.c
+++ b/crypto/x509v3/v3_asid.c
@@ -667,7 +667,9 @@ static int asid_contains(ASIdOrRanges *parent, ASIdOrRanges *child)
         for (;; p++) {
             if (p >= sk_ASIdOrRange_num(parent))
                 return 0;
-            extract_min_max(sk_ASIdOrRange_value(parent, p), &p_min, &p_max);
+            if (!extract_min_max(sk_ASIdOrRange_value(parent, p), &p_min,
+                                 &p_max))
+                return 0;
             if (ASN1_INTEGER_cmp(p_max, c_max) < 0)
                 continue;
             if (ASN1_INTEGER_cmp(p_min, c_min) > 0)