diff options
| author | Dmitry Belyavskiy <beldmit@gmail.com> | 2019-07-08 20:14:50 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2019-07-08 20:15:44 +1000 |
| commit | a48cd0c5b9fef42321fc16ea6a40c30c0e1712d4 (patch) | |
| tree | 75315556a349e970072f9d5df77d60c00dad4b1d /crypto | |
| parent | 7b031c206228ae1f48bdd9e271fc101f91f817e1 (diff) | |
Avoid NULL pointer dereference. Fixes #9043.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9059)
(cherry picked from commit 9fd6f7d1cd2a3c8e2bc69dcb8bde8406eb6c2623)
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/err/openssl.txt | 1 | ||||
| -rw-r--r-- | crypto/x509/t_req.c | 4 | ||||
| -rw-r--r-- | crypto/x509/x509_err.c | 2 |
3 files changed, 7 insertions, 0 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 655bfb67c2..907eeaa8c3 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -3011,6 +3011,7 @@ X509_R_CERT_ALREADY_IN_HASH_TABLE:101:cert already in hash table X509_R_CRL_ALREADY_DELTA:127:crl already delta X509_R_CRL_VERIFY_FAILURE:131:crl verify failure X509_R_IDP_MISMATCH:128:idp mismatch +X509_R_INVALID_ATTRIBUTES:138:invalid attributes X509_R_INVALID_DIRECTORY:113:invalid directory X509_R_INVALID_FIELD_NAME:119:invalid field name X509_R_INVALID_TRUST:123:invalid trust diff --git a/crypto/x509/t_req.c b/crypto/x509/t_req.c index 2d4c591b74..f315447ce1 100644 --- a/crypto/x509/t_req.c +++ b/crypto/x509/t_req.c @@ -127,6 +127,10 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, if ((j = i2a_ASN1_OBJECT(bp, aobj)) > 0) { ii = 0; count = X509_ATTRIBUTE_count(a); + if (count == 0) { + X509err(X509_F_X509_REQ_PRINT_EX, X509_R_INVALID_ATTRIBUTES); + return 0; + } get_next: at = X509_ATTRIBUTE_get0_type(a, ii); type = at->type; diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c index 739708e24f..7ef97148c2 100644 --- a/crypto/x509/x509_err.c +++ b/crypto/x509/x509_err.c @@ -123,6 +123,8 @@ static const ERR_STRING_DATA X509_str_reasons[] = { {ERR_PACK(ERR_LIB_X509, 0, X509_R_CRL_VERIFY_FAILURE), "crl verify failure"}, {ERR_PACK(ERR_LIB_X509, 0, X509_R_IDP_MISMATCH), "idp mismatch"}, + {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_ATTRIBUTES), + "invalid attributes"}, {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_DIRECTORY), "invalid directory"}, {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_FIELD_NAME), "invalid field name"}, |