authorNeil Horman <nhorman@openssl.org>2024-01-02 15:48:00 -0500
committerNeil Horman <nhorman@openssl.org>2024-01-05 14:22:59 -0500
commitbdb3c6d6a2babb31bf145e3d0094e4b91b74c969 (patch)
treecb4a0f8c07efc373890c4240293e12f7dc36acc9 /crypto
parentf616d36a9d3ba8d48525a6da4805d9964ecd7c73 (diff)
Validate config options during x509 extension creation
There are several points during x509 extension creation which rely on configuration options which may have been incorrectly parsed due to invalid settings. Perform a value check for null in those locations to avoid various crashes/undefined behaviors. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23183) (cherry picked from commit bac7e687d71b124b09ad6ad3e15be9b38c08a1ba)
Diffstat (limited to 'crypto')
-rw-r--r--crypto/x509/v3_addr.c4
-rw-r--r--crypto/x509/v3_asid.c5
-rw-r--r--crypto/x509/v3_crld.c5
-rw-r--r--crypto/x509/v3_ist.c16
4 files changed, 26 insertions, 4 deletions
diff --git a/crypto/x509/v3_addr.c b/crypto/x509/v3_addr.c
index b990d54048..0d28bf9c13 100644
--- a/crypto/x509/v3_addr.c
+++ b/crypto/x509/v3_addr.c
@@ -984,6 +984,10 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
* the other input values.
*/
if (safi != NULL) {
+ if (val->value == NULL) {
+ ERR_raise(ERR_LIB_X509V3, X509V3_R_MISSING_VALUE);
+ goto err;
+ }
*safi = strtoul(val->value, &t, 0);
t += strspn(t, " \t");
if (*safi > 0xFF || *t++ != ':') {
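Review bot: The new NULL check sits inside the `if (safi != NULL)` branch, so only the SAFI path is covered; if the other path of v2i_IPAddrBlocks (outside this hunk) also reads `val->value`, the guard should be hoisted above the branch. The raised error also does not say which configuration entry was empty, which makes a bad config harder to diagnose; adding `X509V3_conf_add_error_name_value(val);` after the `ERR_raise` would name it. The same applies to the checks added in v3_asid.c and v3_crld.c (with `cnf` in the latter). The function starts and ends outside the hunk.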
diff --git a/crypto/x509/v3_asid.c b/crypto/x509/v3_asid.c
index 251243b723..1cb892df67 100644
--- a/crypto/x509/v3_asid.c
+++ b/crypto/x509/v3_asid.c
@@ -545,6 +545,11 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
goto err;
}
+ if (val->value == NULL) {
+ ERR_raise(ERR_LIB_X509V3, X509V3_R_EXTENSION_VALUE_ERROR);
+ goto err;
+ }
+
/*
* Handle inheritance.
*/
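Review bot: The reason code here, `X509V3_R_EXTENSION_VALUE_ERROR`, differs from the `X509V3_R_MISSING_VALUE` that the same commit raises for the same condition in v3_addr.c and v3_crld.c, so callers and log filters that match on the reason see two codes for one misconfiguration. Unless it was chosen to match neighbouring errors in v2i_ASIdentifiers (not visible in this hunk), I would use `ERR_raise(ERR_LIB_X509V3, X509V3_R_MISSING_VALUE);`. A short comment such as `/* every branch below dereferences val->value */` would also record why the check precedes the inheritance handling.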
diff --git a/crypto/x509/v3_crld.c b/crypto/x509/v3_crld.c
index 08df3faf86..e9f6e08e27 100644
--- a/crypto/x509/v3_crld.c
+++ b/crypto/x509/v3_crld.c
@@ -70,6 +70,11 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
STACK_OF(GENERAL_NAME) *fnm = NULL;
STACK_OF(X509_NAME_ENTRY) *rnm = NULL;
+ if (cnf->value == NULL) {
+ ERR_raise(ERR_LIB_X509V3, X509V3_R_MISSING_VALUE);
+ goto err;
+ }
+
if (HAS_PREFIX(cnf->name, "fullname")) {
fnm = gnames_from_sectname(ctx, cnf->value);
if (!fnm)
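Review bot: The guard runs before `HAS_PREFIX(cnf->name, "fullname")`, so set_dist_point_name now fails on a NULL value for every name it is handed, not only for the names it actually consumes. If the function reports "not mine" for other names and leaves them to its caller (that part is outside the hunk), this changes which error the caller sees for those entries. Either move the check inside the prefix branches that read `cnf->value`, or document the choice with `/* a NULL value is rejected for all names, including ones handled by the caller */`.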
diff --git a/crypto/x509/v3_ist.c b/crypto/x509/v3_ist.c
index 978a0f3ed8..4d5fe82f32 100644
--- a/crypto/x509/v3_ist.c
+++ b/crypto/x509/v3_ist.c
@@ -50,25 +50,33 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_
}
if (strcmp(cnf->name, "signTool") == 0) {
ist->signTool = ASN1_UTF8STRING_new();
- if (ist->signTool == NULL || !ASN1_STRING_set(ist->signTool, cnf->value, strlen(cnf->value))) {
+ if (ist->signTool == NULL
+ || cnf->value == NULL
+ || !ASN1_STRING_set(ist->signTool, cnf->value, strlen(cnf->value))) {
ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB);
goto err;
}
} else if (strcmp(cnf->name, "cATool") == 0) {
ist->cATool = ASN1_UTF8STRING_new();
- if (ist->cATool == NULL || !ASN1_STRING_set(ist->cATool, cnf->value, strlen(cnf->value))) {
+ if (ist->cATool == NULL
+ || cnf->value == NULL
+ || !ASN1_STRING_set(ist->cATool, cnf->value, strlen(cnf->value))) {
ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB);
goto err;
}
} else if (strcmp(cnf->name, "signToolCert") == 0) {
ist->signToolCert = ASN1_UTF8STRING_new();
- if (ist->signToolCert == NULL || !ASN1_STRING_set(ist->signToolCert, cnf->value, strlen(cnf->value))) {
+ if (ist->signToolCert == NULL
+ || cnf->value == NULL
+ || !ASN1_STRING_set(ist->signToolCert, cnf->value, strlen(cnf->value))) {
ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB);
goto err;
}
} else if (strcmp(cnf->name, "cAToolCert") == 0) {
ist->cAToolCert = ASN1_UTF8STRING_new();
- if (ist->cAToolCert == NULL || !ASN1_STRING_set(ist->cAToolCert, cnf->value, strlen(cnf->value))) {
+ if (ist->cAToolCert == NULL
+ || cnf->value == NULL
+ || !ASN1_STRING_set(ist->cAToolCert, cnf->value, strlen(cnf->value))) {
ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB);
goto err;
}
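Review bot: A missing configuration value is reported as `ERR_R_ASN1_LIB` in all four branches, the same code as an allocation or `ASN1_STRING_set` failure, so a config mistake cannot be told apart from a library failure. The check is also evaluated only after `ASN1_UTF8STRING_new()` has already allocated the field. A single guard before the `strcmp` chain, `if (cnf->value == NULL) { ERR_raise(ERR_LIB_X509V3, X509V3_R_MISSING_VALUE); goto err; }`, would match v3_addr.c and v3_crld.c and remove the four repeated `|| cnf->value == NULL` terms. The loop and the `err` label are outside the hunk, so confirm that placement against the full function.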