diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-05-29 17:10:48 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-06-13 15:13:21 +0200 |
| commit | 1a27fe4be2223fcd88fdf9849bfabf7c6818796c (patch) | |
| tree | 8cbe359f8e5ba6cd941b09eb3a0d003e16dd5343 /crypto/cmp | |
| parent | 8b22c283b800834d605ebddec531139ce8573bcc (diff) | |
Bug fix in ossl_cmp_certRep_new(): must allocate empty extraCerts stack
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11998)
Diffstat (limited to 'crypto/cmp')
| -rw-r--r-- | crypto/cmp/cmp_msg.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c index bbce90c326..9735a1c0b7 100644 --- a/crypto/cmp/cmp_msg.c +++ b/crypto/cmp/cmp_msg.c @@ -23,6 +23,7 @@ DEFINE_STACK_OF(OSSL_CMP_CERTSTATUS) DEFINE_STACK_OF(OSSL_CMP_ITAV) DEFINE_STACK_OF(GENERAL_NAME) +DEFINE_STACK_OF(X509) DEFINE_STACK_OF(X509_EXTENSION) DEFINE_STACK_OF(OSSL_CMP_PKISI) DEFINE_STACK_OF(OSSL_CRMF_MSG) @@ -426,9 +427,12 @@ OSSL_CMP_MSG *ossl_cmp_certRep_new(OSSL_CMP_CTX *ctx, int bodytype, if (bodytype == OSSL_CMP_PKIBODY_IP && caPubs != NULL && (repMsg->caPubs = X509_chain_up_ref(caPubs)) == NULL) goto err; - if (chain != NULL - && !ossl_cmp_sk_X509_add1_certs(msg->extraCerts, chain, 0, 1, 0)) + if (sk_X509_num(chain) > 0) { + msg->extraCerts = sk_X509_new_reserve(NULL, sk_X509_num(chain)); + if (msg->extraCerts == NULL + || !ossl_cmp_sk_X509_add1_certs(msg->extraCerts, chain, 0, 1, 0)) goto err; + } if (!unprotectedErrors || ossl_cmp_pkisi_get_status(si) != OSSL_CMP_PKISTATUS_rejection) |