[openssl] openssl-3.0 update
tomas at openssl.org
tomas at openssl.org
Thu Feb 17 10:23:26 UTC 2022
The branch openssl-3.0 has been updated
via 22b3f72ed6ee2676f791fbd4e3a060cfcf1cb71a (commit)
from edd8ea5da7854d3b70a7b12833ac20e734cc2b42 (commit)
- Log -----------------------------------------------------------------
commit 22b3f72ed6ee2676f791fbd4e3a060cfcf1cb71a
Author: Jiasheng Jiang <jiasheng at iscas.ac.cn>
Date: Thu Feb 10 15:41:40 2022 +0800
apps/ocsp: Add check for OPENSSL_strdup
Just assert 'bn' to be non-NULL is not enough.
The check for 'itmp' is still needed.
If 'bn' is 0, the 'itmp' is assigned by OPENSSL_strdup().
Since OPENSSL_strdup() may fail because of the lack of memory,
the 'itmp' will be NULL and be an valid parameter hashed in
TXT_DB_get_by_index(), returning a wrong result.
Signed-off-by: Jiasheng Jiang <jiasheng at iscas.ac.cn>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17677)
(cherry picked from commit 8f084b43803d53e15d83ed130210f026f84679ff)
-----------------------------------------------------------------------
Summary of changes:
apps/ocsp.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 7a5f84e527..3d2c668017 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -1176,10 +1176,12 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
bn = ASN1_INTEGER_to_BN(ser, NULL);
OPENSSL_assert(bn); /* FIXME: should report an error at this
* point and abort */
- if (BN_is_zero(bn))
+ if (BN_is_zero(bn)) {
itmp = OPENSSL_strdup("00");
- else
+ OPENSSL_assert(itmp);
+ } else {
itmp = BN_bn2hex(bn);
+ }
row[DB_serial] = itmp;
BN_free(bn);
rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
More information about the openssl-commits
mailing list