[openssl] OpenSSL_1_1_1-stable update
tmraz at fedoraproject.org
tmraz at fedoraproject.org
Tue Jan 14 17:35:52 UTC 2020
The branch OpenSSL_1_1_1-stable has been updated
via 902a97b5869e29175292324ec7c390401c453452 (commit)
from 5f6343dea1233deb6d762e24e0e0d3d795b9513d (commit)
- Log -----------------------------------------------------------------
commit 902a97b5869e29175292324ec7c390401c453452
Author: kinichiro <kinichiro.inoguchi at gmail.com>
Date: Thu Jan 9 23:22:25 2020 +0900
Avoid leak in error path of asn1_parse2
CLA: trivial
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10794)
(cherry picked from commit 6a165fab239ec5b00b3cd68169a63b509207177d)
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/asn1_par.c | 36 ++++++++++++++++++++----------------
1 file changed, 20 insertions(+), 16 deletions(-)
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index 4b60c615de..5abab9ab71 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -75,6 +75,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
int nl, hl, j, r;
ASN1_OBJECT *o = NULL;
ASN1_OCTET_STRING *os = NULL;
+ ASN1_INTEGER *ai = NULL;
+ ASN1_ENUMERATED *ae = NULL;
/* ASN1_BMPSTRING *bmp=NULL; */
int dump_indent, dump_cont = 0;
@@ -250,22 +252,21 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
ASN1_OCTET_STRING_free(os);
os = NULL;
} else if (tag == V_ASN1_INTEGER) {
- ASN1_INTEGER *bs;
int i;
opp = op;
- bs = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
- if (bs != NULL) {
+ ai = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
+ if (ai != NULL) {
if (BIO_write(bp, ":", 1) <= 0)
goto end;
- if (bs->type == V_ASN1_NEG_INTEGER)
+ if (ai->type == V_ASN1_NEG_INTEGER)
if (BIO_write(bp, "-", 1) <= 0)
goto end;
- for (i = 0; i < bs->length; i++) {
- if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
+ for (i = 0; i < ai->length; i++) {
+ if (BIO_printf(bp, "%02X", ai->data[i]) <= 0)
goto end;
}
- if (bs->length == 0) {
+ if (ai->length == 0) {
if (BIO_write(bp, "00", 2) <= 0)
goto end;
}
@@ -274,24 +275,24 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
goto end;
dump_cont = 1;
}
- ASN1_INTEGER_free(bs);
+ ASN1_INTEGER_free(ai);
+ ai = NULL;
} else if (tag == V_ASN1_ENUMERATED) {
- ASN1_ENUMERATED *bs;
int i;
opp = op;
- bs = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
- if (bs != NULL) {
+ ae = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
+ if (ae != NULL) {
if (BIO_write(bp, ":", 1) <= 0)
goto end;
- if (bs->type == V_ASN1_NEG_ENUMERATED)
+ if (ae->type == V_ASN1_NEG_ENUMERATED)
if (BIO_write(bp, "-", 1) <= 0)
goto end;
- for (i = 0; i < bs->length; i++) {
- if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
+ for (i = 0; i < ae->length; i++) {
+ if (BIO_printf(bp, "%02X", ae->data[i]) <= 0)
goto end;
}
- if (bs->length == 0) {
+ if (ae->length == 0) {
if (BIO_write(bp, "00", 2) <= 0)
goto end;
}
@@ -300,7 +301,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
goto end;
dump_cont = 1;
}
- ASN1_ENUMERATED_free(bs);
+ ASN1_ENUMERATED_free(ae);
+ ae = NULL;
} else if (len > 0 && dump) {
if (!nl) {
if (BIO_write(bp, "\n", 1) <= 0)
@@ -341,6 +343,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
end:
ASN1_OBJECT_free(o);
ASN1_OCTET_STRING_free(os);
+ ASN1_INTEGER_free(ai);
+ ASN1_ENUMERATED_free(ae);
*pp = p;
return ret;
}
More information about the openssl-commits
mailing list