Add stack space reservations.

Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4386)
author: Pauli <paul.dale@oracle.com> 2017-09-19 08:48:14 +1000
committer: Pauli <paul.dale@oracle.com> 2017-09-28 06:53:40 +1000
commit: e431363f8c241abd0dfe9b83dfc1cec1bdfe13ab (patch)
tree: 1f4d44a49ed133216ac06b19d8e9b3c37e0b6b3c /ssl/ssl_cert.c
parent: 1b3e2bbf64b96f636277ca29b31ba152c1831e74 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index ba5fb653fe..a517cf11e6 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -460,6 +460,7 @@ static void set0_CA_list(STACK_OF(X509_NAME) **ca_list,
 STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk)
 {
     int i;
+    const int num = sk_X509_NAME_num(sk);
     STACK_OF(X509_NAME) *ret;
     X509_NAME *name;
 
@@ -468,13 +469,16 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk)
         SSLerr(SSL_F_SSL_DUP_CA_LIST, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
-    for (i = 0; i < sk_X509_NAME_num(sk); i++) {
+    if (!sk_X509_NAME_reserve(ret, num))
+        return NULL;
+    for (i = 0; i < num; i++) {
         name = X509_NAME_dup(sk_X509_NAME_value(sk, i));
-        if (name == NULL || !sk_X509_NAME_push(ret, name)) {
+        if (name == NULL) {
             sk_X509_NAME_pop_free(ret, X509_NAME_free);
             X509_NAME_free(name);
             return NULL;
         }
+        sk_X509_NAME_push(ret, name);   /* Cannot fail after reserve call */
     }
     return (ret);
 }
author	Pauli <paul.dale@oracle.com>	2017-09-19 08:48:14 +1000
committer	Pauli <paul.dale@oracle.com>	2017-09-28 06:53:40 +1000
commit	e431363f8c241abd0dfe9b83dfc1cec1bdfe13ab (patch)
tree	1f4d44a49ed133216ac06b19d8e9b3c37e0b6b3c /ssl/ssl_cert.c
parent	1b3e2bbf64b96f636277ca29b31ba152c1831e74 (diff)