generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

RT2560: missing NULL check in ocsp_req_find_signer

Browse Source 
If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit b2aa38a980e9fbf158aafe487fb729c492b241fb)
This commit is contained in:
Rich Salz 2014-09-10 11:43:45 -04:00
parent 3aa2d2d08f
commit a9d928a8b6
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/ocsp/ocsp_vfy.c
View File

@ -436,9 +436,12 @@ static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm
if(!(flags & OCSP_NOINTERN)) if(!(flags & OCSP_NOINTERN))
{ {
signer = X509_find_by_subject(req->optionalSignature->certs, nm); signer = X509_find_by_subject(req->optionalSignature->certs, nm);
if (signer)
{
*psigner = signer; *psigner = signer;
return 1; return 1;
} }
}
signer = X509_find_by_subject(certs, nm); signer = X509_find_by_subject(certs, nm);
if (signer) if (signer)