Fix X509 propq so it does not use references

Fixes #13486

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12700)

1 files changed, 14 insertions, 6 deletions

diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index efcd7cd15c..b09fa2754a 100644
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -95,23 +95,22 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
         ASIdentifiers_free(ret->rfc3779_asid);
 #endif
         ASN1_OCTET_STRING_free(ret->distinguishing_id);
+        OPENSSL_free(ret->propq);
         break;
 
     case ASN1_OP_DUP_POST:
         {
             X509 *old = exarg;
 
-            ret->libctx = old->libctx;
-            ret->propq = old->propq;
+            if (!x509_set0_libctx(ret, old->libctx, old->propq))
+                return 0;
         }
         break;
-
     default:
         break;
     }
 
     return 1;
-
 }
 
 ASN1_SEQUENCE_ref(X509, x509_cb) = {
@@ -149,7 +148,13 @@ int x509_set0_libctx(X509 *x, OSSL_LIB_CTX *libctx, const char *propq)
 {
     if (x != NULL) {
         x->libctx = libctx;
-        x->propq = propq;
+        OPENSSL_free(x->propq);
+        x->propq = NULL;
+        if (propq != NULL) {
+            x->propq = OPENSSL_strdup(propq);
+            if (x->propq == NULL)
+                return 0;
+        }
     }
     return 1;
 }
@@ -159,7 +164,10 @@ X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq)
     X509 *cert = NULL;
 
     cert = (X509 *)ASN1_item_new((X509_it()));
-    (void)x509_set0_libctx(cert, libctx, propq);
+    if (!x509_set0_libctx(cert, libctx, propq)) {
+        X509_free(cert);
+        cert = NULL;
+    }
     return cert;
 }