diff options
| author | Richard Levitte <levitte@openssl.org> | 2021-04-23 15:47:59 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2021-04-23 20:22:49 +0200 |
| commit | 3d80b5e611f112fd004a4320cb5ecce93c73b7d4 (patch) | |
| tree | 90e7207839cf32184246bc0631b658e70f661254 /providers/implementations/storemgmt | |
| parent | 521a0bf6a11c4cdaef331934e93581d06ce834e1 (diff) | |
STORE: Simplify error filtering in der2obj_decode()
We do here like in all other decoder implementations, drop all errors
that were caused by a failing asn1_d2i_read_bio(), as it's most likely
to mean that the input isn't DER, and another decoder implementation,
if there is any left, should have a go.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/15008)
Diffstat (limited to 'providers/implementations/storemgmt')
| -rw-r--r-- | providers/implementations/storemgmt/file_store_der2obj.c | 24 |
1 files changed, 6 insertions, 18 deletions
diff --git a/providers/implementations/storemgmt/file_store_der2obj.c b/providers/implementations/storemgmt/file_store_der2obj.c index 2ecf20bac7..4f90535842 100644 --- a/providers/implementations/storemgmt/file_store_der2obj.c +++ b/providers/implementations/storemgmt/file_store_der2obj.c @@ -87,29 +87,18 @@ static int der2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection, */ BIO *in = ossl_bio_new_from_core_bio(provctx, cin); BUF_MEM *mem = NULL; - int err, ok; + int ok; if (in == NULL) return 0; ERR_set_mark(); ok = (asn1_d2i_read_bio(in, &mem) >= 0); - /* - * Prune low-level ASN.1 parse errors from error queue, assuming that - * this is called by decoder_process() in a loop trying several formats. - */ - if (!ok) { - err = ERR_peek_last_error(); - if (ERR_GET_LIB(err) == ERR_LIB_ASN1 - && (ERR_GET_REASON(err) == ASN1_R_HEADER_TOO_LONG - || ERR_GET_REASON(err) == ASN1_R_UNSUPPORTED_TYPE - || ERR_GET_REASON(err) == ERR_R_NESTED_ASN1_ERROR - || ERR_GET_REASON(err) == ASN1_R_NOT_ENOUGH_DATA)) { - ERR_pop_to_mark(); - } else { - ERR_clear_last_mark(); - goto end; - } + ERR_pop_to_mark(); + if (!ok && mem != NULL) { + OPENSSL_free(mem->data); + OPENSSL_free(mem); + mem = NULL; } ok = 1; @@ -128,7 +117,6 @@ static int der2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection, OPENSSL_free(mem->data); OPENSSL_free(mem); } - end: BIO_free(in); return ok; } |