generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PR: 627

Browse Source 
Allocate certificatePolicies correctly if CPS field is absent.

Fix various memory leaks in certificatePolicies.
This commit is contained in:
Dr. Stephen Henson 2003-05-28 17:28:11 +00:00
parent e19d0ef068
commit 60790aff6f
1 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
crypto/x509v3/v3_cpols.c
View File

@ -73,7 +73,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *polstrs, int ia5org); STACK_OF(CONF_VALUE) *polstrs, int ia5org);
static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *unot, int ia5org); STACK_OF(CONF_VALUE) *unot, int ia5org);
static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos); static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos);
X509V3_EXT_METHOD v3_cpols = { X509V3_EXT_METHOD v3_cpols = {
NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES), NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES),
@ -226,6 +226,8 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
qual = notice_section(ctx, unot, ia5org); qual = notice_section(ctx, unot, ia5org);
X509V3_section_free(ctx, unot); X509V3_section_free(ctx, unot);
if(!qual) goto err; if(!qual) goto err;
if(!pol->qualifiers) pol->qualifiers =
sk_POLICYQUALINFO_new_null();
if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
goto merr; goto merr;
} else { } else {
@ -255,7 +257,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *unot, int ia5org) STACK_OF(CONF_VALUE) *unot, int ia5org)
{ {
int i; int i, ret;
CONF_VALUE *cnf; CONF_VALUE *cnf;
USERNOTICE *not; USERNOTICE *not;
POLICYQUALINFO *qual; POLICYQUALINFO *qual;
@ -275,8 +277,8 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
if(!(nref = NOTICEREF_new())) goto merr; if(!(nref = NOTICEREF_new())) goto merr;
not->noticeref = nref; not->noticeref = nref;
} else nref = not->noticeref; } else nref = not->noticeref;
if(ia5org) nref->organization = M_ASN1_IA5STRING_new(); if(ia5org) nref->organization->type = V_ASN1_IA5STRING;
else nref->organization = M_ASN1_VISIBLESTRING_new(); else nref->organization->type = V_ASN1_VISIBLESTRING;
if(!ASN1_STRING_set(nref->organization, cnf->value, if(!ASN1_STRING_set(nref->organization, cnf->value,
strlen(cnf->value))) goto merr; strlen(cnf->value))) goto merr;
} else if(!strcmp(cnf->name, "noticeNumbers")) { } else if(!strcmp(cnf->name, "noticeNumbers")) {
@ -292,12 +294,12 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
X509V3_conf_err(cnf); X509V3_conf_err(cnf);
goto err; goto err;
} }
nref->noticenos = nref_nos(nos); ret = nref_nos(nref->noticenos, nos);
sk_CONF_VALUE_pop_free(nos, X509V3_conf_free); sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
if(!nref->noticenos) goto err; if (!ret)
goto err;
} else { } else {
X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION); X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION);
X509V3_conf_err(cnf); X509V3_conf_err(cnf);
goto err; goto err;
} }
@ -319,15 +321,13 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
return NULL; return NULL;
} }
static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos) static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos)
{ {
STACK_OF(ASN1_INTEGER) *nnums;
CONF_VALUE *cnf; CONF_VALUE *cnf;
ASN1_INTEGER *aint; ASN1_INTEGER *aint;
int i; int i;
if(!(nnums = sk_ASN1_INTEGER_new_null())) goto merr;
for(i = 0; i < sk_CONF_VALUE_num(nos); i++) { for(i = 0; i < sk_CONF_VALUE_num(nos); i++) {
cnf = sk_CONF_VALUE_value(nos, i); cnf = sk_CONF_VALUE_value(nos, i);
if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
@ -336,14 +336,14 @@ static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos)
} }
if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr; if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr;
} }
return nnums; return 1;
merr: merr:
X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE); X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE);
err: err:
sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free);
return NULL; return 0;
} }