diff options
| author | Tomas Mraz <tomas@openssl.org> | 2022-10-12 10:36:20 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2022-10-21 18:03:33 +0200 |
| commit | 367ee2152e019d72f63537ae898eda311bc9219a (patch) | |
| tree | cde4b048352703e8cc0ba8ed0ed58d4666887855 /ssl | |
| parent | d8f0b0fc1fe520939c0a2ae1aafd394afcde4e55 (diff) | |
stack: Do not add error if pop/shift/value accesses outside of the stack
This partially reverts commit 30eba7f35983a917f1007bce45040c0af3442e42.
This is legitimate use of the stack functions and no error
should be reported apart from the NULL return value.
Fixes #19389
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19400)
(cherry picked from commit a8086e6bfc37355626393751a94bc5c92df7e9d3)
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl_lib.c | 3 | ||||
| -rw-r--r-- | ssl/statem/statem_srvr.c | 2 |
2 files changed, 2 insertions, 3 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index f32074b585..75ef563f1f 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -4987,8 +4987,7 @@ static int ct_move_scts(STACK_OF(SCT) **dst, STACK_OF(SCT) *src, } } - while (sk_SCT_num(src) > 0) { - sct = sk_SCT_pop(src); + while ((sct = sk_SCT_pop(src)) != NULL) { if (SCT_set_source(sct, origin) != 1) goto err; diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index b6b5e79d00..a9e67f9d32 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -3551,7 +3551,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt) } X509_free(s->session->peer); - s->session->peer = sk_X509_num(sk) == 0 ? NULL: sk_X509_shift(sk); + s->session->peer = sk_X509_shift(sk); s->session->verify_result = s->verify_result; sk_X509_pop_free(s->session->peer_chain, X509_free); |