Browse Source

Fix the error handling in i2v_AUTHORITY_KEYID

Previously if an error path is entered a leak could result.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
master
Matt Caswell 1 month ago
parent
commit
4b8a8bb752
2 changed files with 26 additions and 7 deletions
  1. +26
    -7
      crypto/x509/v3_akid.c
  2. BIN
      fuzz/corpora/x509/0bf7ea6564ba1096f9760bbd6ed02f25aa0d583c

+ 26
- 7
crypto/x509/v3_akid.c View File

@ -40,29 +40,48 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
STACK_OF(CONF_VALUE)
*extlist)
{
char *tmp;
char *tmp = NULL;
STACK_OF(CONF_VALUE) *origextlist = extlist, *tmpextlist;
if (akeyid->keyid) {
tmp = OPENSSL_buf2hexstr(akeyid->keyid->data, akeyid->keyid->length);
if (tmp == NULL) {
ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE);
return NULL;
}
X509V3_add_value((akeyid->issuer || akeyid->serial) ? "keyid" : NULL,
tmp, &extlist);
if (!X509V3_add_value((akeyid->issuer || akeyid->serial) ? "keyid" : NULL,
tmp, &extlist)) {
OPENSSL_free(tmp);
ERR_raise(ERR_LIB_X509V3, ERR_R_X509_LIB);
goto err;
}
OPENSSL_free(tmp);
}
if (akeyid->issuer)
extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
if (akeyid->issuer) {
tmpextlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
if (tmpextlist == NULL) {
ERR_raise(ERR_LIB_X509V3, ERR_R_X509_LIB);
goto err;
}
extlist = tmpextlist;
}
if (akeyid->serial) {
tmp = OPENSSL_buf2hexstr(akeyid->serial->data, akeyid->serial->length);
if (tmp == NULL) {
ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE);
return NULL;
goto err;
}
if (!X509V3_add_value("serial", tmp, &extlist)) {
OPENSSL_free(tmp);
goto err;
}
X509V3_add_value("serial", tmp, &extlist);
OPENSSL_free(tmp);
}
return extlist;
err:
if (origextlist == NULL)
sk_CONF_VALUE_pop_free(extlist, X509V3_conf_free);
return NULL;
}
/*-


BIN
fuzz/corpora/x509/0bf7ea6564ba1096f9760bbd6ed02f25aa0d583c View File


Loading…
Cancel
Save