[openssl] master update

Dr. Paul Dale pauli at openssl.org
Fri Dec 10 04:20:51 UTC 2021 

The branch master has been updated
       via  ecf60b9e27c041e7c95669b52a399fc2f20fd0fe (commit)
       via  318e97997a514b16ca497cedb49730bc75764a05 (commit)
      from  44fde441937fc8db8ea6a7ac2e7c683ad9d5f8e0 (commit)


- Log -----------------------------------------------------------------
commit ecf60b9e27c041e7c95669b52a399fc2f20fd0fe
Author: x2018 <xkernel.wang at foxmail.com>
Date:   Wed Dec 1 16:15:44 2021 +0800

    remove redundant ERR_raise
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17175)

commit 318e97997a514b16ca497cedb49730bc75764a05
Author: x2018 <xkernel.wang at foxmail.com>
Date:   Wed Dec 1 14:29:58 2021 +0800

    check the return value of BIO_new() in t_x509.c:471 & cmp_vfy.c:36
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17175)

-----------------------------------------------------------------------

Summary of changes:
 crypto/cmp/cmp_vfy.c | 3 ++-
 crypto/x509/t_x509.c | 2 ++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c
index d3d9cca0d4..cdfad0a631 100644
--- a/crypto/cmp/cmp_vfy.c
+++ b/crypto/cmp/cmp_vfy.c
@@ -34,7 +34,8 @@ static int verify_signature(const OSSL_CMP_CTX *cmp_ctx,
         return 0;
 
     bio = BIO_new(BIO_s_mem()); /* may be NULL */
-
+    if (bio == NULL)
+        return 0;
     /* verify that keyUsage, if present, contains digitalSignature */
     if (!cmp_ctx->ignore_keyusage
             && (X509_get_key_usage(cert) & X509v3_KU_DIGITAL_SIGNATURE) == 0) {
diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c
index 95ee5f519f..13ccb35508 100644
--- a/crypto/x509/t_x509.c
+++ b/crypto/x509/t_x509.c
@@ -470,6 +470,8 @@ int X509_STORE_CTX_print_verify_cb(int ok, X509_STORE_CTX *ctx)
         int cert_error = X509_STORE_CTX_get_error(ctx);
         BIO *bio = BIO_new(BIO_s_mem()); /* may be NULL */
 
+        if (bio == NULL)
+            return 0;
         BIO_printf(bio, "%s at depth = %d error = %d (%s)\n",
                    X509_STORE_CTX_get0_parent_ctx(ctx) != NULL
                    ? "CRL path validation"

More information about the openssl-commits mailing list