diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-02-04 13:50:51 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2020-02-04 13:50:51 +1000 |
commit | d5e66eab0bc08d701ba8386d3a36d417d19966aa (patch) | |
tree | ef8de7ba3180d40dcdf4f0f73df80e25c42f57d4 /apps | |
parent | 450d12c825cc9016e5e8990423fa7ffdb843a1f0 (diff) |
CID 1457854 - keymgmt_lib.c : OVERRUN
CID 1457853 - self_test_kats.c : UNINT
CID 1457752 - fipsprov.c RESOURCE_LEAK (code change in another PR removed this)
CID 1457751 - apps/pkcs12.c CHECKED_RETURN
CID 1457750 - dsa_ossl.c RESOURCE_LEAK (marked as false positive since tmp can not be NULL)
CID 1457749 - apps/nseq.c : CHECKED_RETURN
CID 1457748 - cipher_aes_cbc_hmac_sha.c : SIZEOF_MISMATCH
CID 1457747 - cipher_aes_cbc_hmac_sha.c : SIZEOF_MISMATCH
CID 1457746 - same as 1457752
CID 1457745 - apps/ocsp : CHECKED_RETURN
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10934)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/nseq.c | 6 | ||||
-rw-r--r-- | apps/ocsp.c | 3 | ||||
-rw-r--r-- | apps/pkcs12.c | 7 |
3 files changed, 10 insertions, 6 deletions
diff --git a/apps/nseq.c b/apps/nseq.c index 5b7ab67dd1..9d1e0950e8 100644 --- a/apps/nseq.c +++ b/apps/nseq.c @@ -82,8 +82,10 @@ int nseq_main(int argc, char **argv) seq->certs = sk_X509_new_null(); if (seq->certs == NULL) goto end; - while ((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL))) - sk_X509_push(seq->certs, x509); + while ((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL))) { + if (!sk_X509_push(seq->certs, x509)) + goto end; + } if (!sk_X509_num(seq->certs)) { BIO_printf(bio_err, "%s: Error reading certs file %s\n", diff --git a/apps/ocsp.c b/apps/ocsp.c index dc1b7601bb..4c66e966ef 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -451,7 +451,8 @@ int ocsp_main(int argc, char **argv) if ((issuers = sk_X509_new_null()) == NULL) goto end; } - sk_X509_push(issuers, issuer); + if (!sk_X509_push(issuers, issuer)) + goto end; break; case OPT_CERT: X509_free(cert); diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 5eff88b644..091318b67d 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -893,12 +893,13 @@ static int alg_print(const X509_ALGOR *alg) int cert_load(BIO *in, STACK_OF(X509) *sk) { - int ret; + int ret = 0; X509 *cert; - ret = 0; + while ((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) { ret = 1; - sk_X509_push(sk, cert); + if (!sk_X509_push(sk, cert)) + return 0; } if (ret) ERR_clear_error(); |