[openssl-commits] [openssl] master update
Richard Levitte
levitte at openssl.org
Sun May 20 07:49:11 UTC 2018
The branch master has been updated
via c1c1783d45a5e91951e6328a820939d0256c841c (commit)
from f3021aca4a154c2ff9bd0030f7974eb6a719550d (commit)
- Log -----------------------------------------------------------------
commit c1c1783d45a5e91951e6328a820939d0256c841c
Author: Richard Levitte <levitte at openssl.org>
Date: Thu May 17 09:53:14 2018 +0200
Restore check of |*xn| against |name| in X509_NAME_set
A previous change of this function introduced a fragility when the
destination happens to be the same as the source. Such alias isn't
recommended, but could still happen, for example in this kind of code:
X509_NAME *subject = X509_get_issuer_name(x);
/* ... some code passes ... */
X509_set_issuer_name(x, subject);
Fixes #4710
Reviewed-by: Andy Polyakov <appro at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6280)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/x_name.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c
index aec3459..a1e9bbd 100644
--- a/crypto/x509/x_name.c
+++ b/crypto/x509/x_name.c
@@ -481,6 +481,8 @@ static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname,
int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
{
+ if (*xn == name)
+ return *xn != NULL;
if ((name = X509_NAME_dup(name)) == NULL)
return 0;
X509_NAME_free(*xn);
More information about the openssl-commits
mailing list