generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ASN1_primitive_new NULL param handling

Browse Source 
ASN1_primitive_new takes an ASN1_ITEM * param |it|. There are a couple
of conditional code paths that check whether |it| is NULL or not - but
later |it| is deref'd unconditionally. If |it| was ever really NULL then
this would seg fault. In practice ASN1_primitive_new is marked as an
internal function in the public header file. The only places it is ever
used internally always pass a non NULL parameter for |it|. Therefore, change
the code to sanity check that |it| is not NULL, and remove the conditional
checking.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
This commit is contained in:
Matt Caswell 2015-03-11 16:00:01 +00:00
parent a01087027b
commit 9e488fd6ab
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
crypto/asn1/tasn_new.c
View File

@ -315,13 +315,16 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
ASN1_STRING *str; ASN1_STRING *str;
int utype; int utype;
if (it && it->funcs) { if (!it)
return 0;
if (it->funcs) {
const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
if (pf->prim_new) if (pf->prim_new)
return pf->prim_new(pval, it); return pf->prim_new(pval, it);
} }
if (!it || (it->itype == ASN1_ITYPE_MSTRING)) if (it->itype == ASN1_ITYPE_MSTRING)
utype = -1; utype = -1;
else else
utype = it->utype; utype = it->utype;