]> granicus.if.org Git - openssl/commitdiff
projects / openssl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b15a19c)
Fix error handling in X509_chain_up_ref
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Fri, 16 Aug 2019 13:18:51 +0000 (15:18 +0200)
committerBernd Edlinger <bernd.edlinger@hotmail.de>
Sat, 17 Aug 2019 14:51:32 +0000 (16:51 +0200)
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9614)

(cherry picked from commit cae665dfa6ccec743a7f39cf80676d7d2d787e56)

crypto/x509/x509_cmp.c patch | blob | history

diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 49b0368dfca4365680ca2709efb83737b0f232e4..4e74a74a515f7d40a618a180a5c034da64f61999 100644 (file)
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -451,9 +451,17 @@ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain)
     STACK_OF(X509) *ret;
     int i;
     ret = sk_X509_dup(chain);
+    if (ret == NULL)
+        return NULL;
     for (i = 0; i < sk_X509_num(ret); i++) {
         X509 *x = sk_X509_value(ret, i);
-        X509_up_ref(x);
+        if (!X509_up_ref(x))
+            goto err;
     }
     return ret;
+ err:
+    while (i-- > 0)
+        X509_free (sk_X509_value(ret, i));
+    sk_X509_free(ret);
+    return NULL;
 }
Unnamed repository; edit this file 'description' to name the repository.