diff options
author | Zhou Qingyang <zhou1615@umn.edu> | 2022-04-11 02:05:19 +0800 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-04-12 13:07:40 +0200 |
commit | 6b42c74b0677560017df08c452342355adfd1ecc (patch) | |
tree | 602d33023676409040272773313eb2bae90968d5 | |
parent | 5585d0da5f27971d39050c213a064ca6b3249e4a (diff) |
Add return value check of X509V3_add_value() in X509V3_parse_list()
X509V3_add_value() will return 0 on malloc failure, which could lead to
err logic in X509V3_parse_list().
Fix this by adding return value check of X509V3_add_value().
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18077)
(cherry picked from commit bcd5645b34c319b8e4d72d6850ead80e85f18921)
-rw-r--r-- | crypto/x509/v3_utl.c | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c index 734e083a7a..ff049c897b 100644 --- a/crypto/x509/v3_utl.c +++ b/crypto/x509/v3_utl.c @@ -349,7 +349,9 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_EMPTY_NAME); goto err; } - X509V3_add_value(ntmp, NULL, &values); + if (!X509V3_add_value(ntmp, NULL, &values)) { + goto err; + } } break; @@ -362,7 +364,9 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_NULL_VALUE); goto err; } - X509V3_add_value(ntmp, vtmp, &values); + if (!X509V3_add_value(ntmp, vtmp, &values)) { + goto err; + } ntmp = NULL; q = p + 1; } @@ -376,14 +380,18 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_NULL_VALUE); goto err; } - X509V3_add_value(ntmp, vtmp, &values); + if (!X509V3_add_value(ntmp, vtmp, &values)) { + goto err; + } } else { ntmp = strip_spaces(q); if (!ntmp) { ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_EMPTY_NAME); goto err; } - X509V3_add_value(ntmp, NULL, &values); + if (!X509V3_add_value(ntmp, NULL, &values)) { + goto err; + } } OPENSSL_free(linebuf); return values; |