diff options
author | Dmitry Belyavskiy <beldmit@gmail.com> | 2019-02-22 16:58:55 +0300 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-03-28 10:11:11 +0000 |
commit | 0db8f86a18925bd239600a4e3cd5dc31de31258f (patch) | |
tree | 964f086afd452644ba1e989d9217d3f451895315 /apps/ocsp.c | |
parent | edfd50d8db3ae20c1cba1667f861a25cbe6c31f2 (diff) |
Add some checks of OCSP functions
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8308)
(cherry picked from commit 72b89b8e201d17dea0219b4b92df7af7e17f183a)
Diffstat (limited to 'apps/ocsp.c')
-rw-r--r-- | apps/ocsp.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/apps/ocsp.c b/apps/ocsp.c index e8aeb11cc5..066a2e43af 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -641,8 +641,10 @@ redo_accept: goto end; } - if (req != NULL && add_nonce) - OCSP_request_add1_nonce(req, NULL, -1); + if (req != NULL && add_nonce) { + if (!OCSP_request_add1_nonce(req, NULL, -1)) + goto end; + } if (signfile != NULL) { if (keyfile == NULL) @@ -1245,7 +1247,10 @@ static void make_ocsp_response(BIO *err, OCSP_RESPONSE **resp, OCSP_REQUEST *req goto end; } } - OCSP_basic_sign_ctx(bs, rcert, mctx, rother, flags); + if (!OCSP_basic_sign_ctx(bs, rcert, mctx, rother, flags)) { + *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR, bs); + goto end; + } if (badsig) { const ASN1_OCTET_STRING *sig = OCSP_resp_get0_signature(bs); |