From d9ac82a28d10c05d7b491324596a9d8ce7a9319e Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Thu, 22 Jun 2017 15:25:26 +0100
Subject: Fix OBJ_create() to tolerate a NULL sn and ln

In 1.0.2 and before OBJ_create() allowed the sn or ln parameter to be NULL.
Commit 52832e47 changed that so that it crashed if they were NULL.

This was causing problems with the built-in config oid module. If a long
name was provided OBJ_create() is initially called with a NULL ln and
therefore causes a crash.

Fixes #3733

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3753)

(cherry picked from commit f13615c5b828aeb8e3d9bf2545c803633d1c684f)
---
 crypto/objects/obj_dat.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'crypto/objects')

diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index 9f3741778a..fd833be1a1 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -685,7 +685,8 @@ int OBJ_create(const char *oid, const char *sn, const char *ln)
     int ok = 0;
 
     /* Check to see if short or long name already present */
-    if (OBJ_sn2nid(sn) != NID_undef || OBJ_ln2nid(ln) != NID_undef) {
+    if ((sn != NULL && OBJ_sn2nid(sn) != NID_undef)
+            || (ln != NULL && OBJ_ln2nid(ln) != NID_undef)) {
         OBJerr(OBJ_F_OBJ_CREATE, OBJ_R_OID_EXISTS);
         return 0;
     }
-- 
cgit v1.2.3