author | Dr. Stephen Henson <steve@openssl.org> | 2015-02-23 12:57:50 +0000 |
---|---|---|
committer | Richard Levitte <richard@levitte.org> | 2015-12-02 21:40:11 +0100 |
commit | d275dbe6eb7b720b8920f712eea79044f845a4bb | |
tree | 8286eb1dfef1dcca002526089f26bfde06b182ae | |
parent | cf432b3b1bd7caa22943b41b94ec2472ae497dc6 | |

Free up passed ASN.1 structure if reused.

Change the "reuse" behaviour in ASN1_item_d2i: if successful the old
structure is freed and a pointer to the new one used. If it is not
successful then the passed structure is untouched.

Exception made for primitive types so ssl_asn1.c still works.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

Conflicts:
	doc/crypto/d2i_X509.pod

-rw-r--r-- | crypto/asn1/tasn_dec.c | 14 | ||||
-rw-r--r-- | doc/crypto/d2i_X509.pod | 10 |
2 files changed, 19 insertions, 5 deletions
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index ac079ddd1f..f56eb4c67d 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -140,11 +140,17 @@ ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, { ASN1_TLC c; ASN1_VALUE *ptmpval = NULL; - if (!pval) - pval = &ptmpval; asn1_tlc_clear_nc(&c); - if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) - return *pval; + if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE) + ptmpval = *pval; + if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) { + if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) { + if (*pval) + ASN1_item_free(*pval, it); + *pval = ptmpval; + } + return ptmpval; + } return NULL; } diff --git a/doc/crypto/d2i_X509.pod b/doc/crypto/d2i_X509.pod index 298ec54a4c..6fed4b1214 100644 --- a/doc/crypto/d2i_X509.pod +++ b/doc/crypto/d2i_X509.pod @@ -199,6 +199,12 @@ B<*px> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this "reuse" behaviour is strongly discouraged. +Current versions of OpenSSL will not modify B<*px> if an error occurs. +If parsing succeeds then B<*px> is freed (if it is not NULL) and then +set to the value of the newly decoded structure. As a result B<*px> +B<must not> be allocated on the stack or an attempt will be made to +free an invalid pointer. + i2d_X509() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the 
@@ -210,7 +216,9 @@ always succeed. d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure or B<NULL> if an error occurs. The error code that can be obtained by -L<ERR_get_error(3)|ERR_get_error(3)>. +L<ERR_get_error(3)|ERR_get_error(3)>. If the "reuse" capability has been used +with a valid X509 structure being passed in via B<px> then the object is not +modified in the event of error. i2d_X509() returns the number of bytes successfully encoded or a negative value if an error occurs. The error code can be obtained by |
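
Review bot: In the crypto/asn1/tasn_dec.c hunk (@@ -140,11 +140,17 @@), the write-back `*pval = ptmpval;` sits inside `if (pval && it->itype != ASN1_ITYPE_PRIMITIVE)`, so for a primitive item a caller that passes a non-NULL pval with *pval == NULL receives the decoded object only through the return value, and *pval stays NULL. The removed lines decoded through pval and returned *pval, so that case used to fill in the caller's pointer; a caller that reads *pval instead of the return value now sees NULL and may leak the new object. Suggest assigning *pval = ptmpval on the primitive path as well (without the ASN1_item_free call), and adding a comment above `if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE)` that explains why primitives are still decoded in place, since only the commit message records that exception.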
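
Review bot: In the first doc/crypto/d2i_X509.pod hunk (@@ -199,6 +199,12 @@), the added paragraph warns only about stack allocation, but "B<*px> is freed" on success also invalidates every other pointer the caller still holds to the old structure, and that is not stated. Suggest adding a sentence that any other reference to the structure previously held in B<*px> must not be used after a successful call. "Current versions of OpenSSL" is also unspecific for a manual page that the surrounding text says covers several versions; naming the first release with this behaviour would let readers tell which rule applies to them.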
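
Review bot: In the second doc/crypto/d2i_X509.pod hunk (@@ -210,7 +216,9 @@), the added sentence documents only the error case of "reuse", so a reader of the return-value text alone does not learn that on success the structure passed in via B<px> is freed and replaced. Suggest stating both outcomes here, or pointing back to the paragraph added in the earlier hunk. Since this hunk already rewrites the line, the unchanged lead-in "The error code that can be obtained by" could be fixed at the same time by dropping "that", which would match the i2d_X509() wording a few lines below.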