diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-08-21 15:14:42 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2020-12-04 08:22:24 +1000 |
commit | 22b9230f39ff44f434dc671c45fe0bc68c14c0ad (patch) | |
tree | 85a76966ab56946ce5bed9471ed03aa0b708355d /crypto/x509/x_x509.c | |
parent | ae290d8f0cc9fcfec2777bd18c39a4059001c7cc (diff) | |
download | openssl-new-22b9230f39ff44f434dc671c45fe0bc68c14c0ad.tar.gz |
Fix X509 propq so it does not use references
Fixes #13486
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12700)
Diffstat (limited to 'crypto/x509/x_x509.c')
-rw-r--r-- | crypto/x509/x_x509.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index efcd7cd15c..b09fa2754a 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -95,23 +95,22 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, ASIdentifiers_free(ret->rfc3779_asid); #endif ASN1_OCTET_STRING_free(ret->distinguishing_id); + OPENSSL_free(ret->propq); break; case ASN1_OP_DUP_POST: { X509 *old = exarg; - ret->libctx = old->libctx; - ret->propq = old->propq; + if (!x509_set0_libctx(ret, old->libctx, old->propq)) + return 0; } break; - default: break; } return 1; - } ASN1_SEQUENCE_ref(X509, x509_cb) = { @@ -149,7 +148,13 @@ int x509_set0_libctx(X509 *x, OSSL_LIB_CTX *libctx, const char *propq) { if (x != NULL) { x->libctx = libctx; - x->propq = propq; + OPENSSL_free(x->propq); + x->propq = NULL; + if (propq != NULL) { + x->propq = OPENSSL_strdup(propq); + if (x->propq == NULL) + return 0; + } } return 1; } @@ -159,7 +164,10 @@ X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq) X509 *cert = NULL; cert = (X509 *)ASN1_item_new((X509_it())); - (void)x509_set0_libctx(cert, libctx, propq); + if (!x509_set0_libctx(cert, libctx, propq)) { + X509_free(cert); + cert = NULL; + } return cert; } |