[openssl] OpenSSL_1_1_1-stable update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Sat Aug 17 14:51:20 UTC 2019
The branch OpenSSL_1_1_1-stable has been updated
via 2403153c95b312e0a5a178c516335ee8dd17526c (commit)
from 4faaf0f46d231c70df4138ce5ac36e082990dff8 (commit)
- Log -----------------------------------------------------------------
commit 2403153c95b312e0a5a178c516335ee8dd17526c
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Fri Aug 16 15:18:51 2019 +0200
Fix error handling in X509_chain_up_ref
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9614)
(cherry picked from commit cae665dfa6ccec743a7f39cf80676d7d2d787e56)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/x509_cmp.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 02fad0c671..c65222df69 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -450,9 +450,17 @@ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain)
STACK_OF(X509) *ret;
int i;
ret = sk_X509_dup(chain);
+ if (ret == NULL)
+ return NULL;
for (i = 0; i < sk_X509_num(ret); i++) {
X509 *x = sk_X509_value(ret, i);
- X509_up_ref(x);
+ if (!X509_up_ref(x))
+ goto err;
}
return ret;
+ err:
+ while (i-- > 0)
+ X509_free (sk_X509_value(ret, i));
+ sk_X509_free(ret);
+ return NULL;
}
More information about the openssl-commits
mailing list