generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Free up passed ASN.1 structure if reused.

Browse Source 
Change the "reuse" behaviour in ASN1_item_d2i: if successful the old
structure is freed and a pointer to the new one used. If it is not
successful then the passed structure is untouched.

Exception made for primitive types so ssl_asn1.c still works.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

Conflicts:
	doc/crypto/d2i_X509.pod
This commit is contained in:
Dr. Stephen Henson 2015-02-23 12:57:50 +00:00 committed by Richard Levitte
parent cf432b3b1b
commit d275dbe6eb
2 changed files with 19 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
crypto/asn1/tasn_dec.c
View File

@ -140,11 +140,17 @@ ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
{
ASN1_TLC c;
ASN1_VALUE *ptmpval = NULL;
if (!pval)
pval = &ptmpval;
asn1_tlc_clear_nc(&c);
if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
return *pval;
if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE)
ptmpval = *pval;
if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) {
if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) {
if (*pval)
ASN1_item_free(*pval, it);
*pval = ptmpval;
}
return ptmpval;
}
return NULL;
}

10
doc/crypto/d2i_X509.pod
View File

@ -199,6 +199,12 @@ B<*px> is valid is broken and some parts of the reused structure may
persist if they are not present in the new one. As a result the use
of this "reuse" behaviour is strongly discouraged.
Current versions of OpenSSL will not modify B<*px> if an error occurs.
If parsing succeeds then B<*px> is freed (if it is not NULL) and then
set to the value of the newly decoded structure. As a result B<*px>
B<must not> be allocated on the stack or an attempt will be made to
free an invalid pointer.
i2d_X509() will not return an error in many versions of OpenSSL,
if mandatory fields are not initialized due to a programming error
then the encoded structure may contain invalid data or omit the
@ -210,7 +216,9 @@ always succeed.
d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
or B<NULL> if an error occurs. The error code that can be obtained by
L<ERR_get_error(3)|ERR_get_error(3)>.
L<ERR_get_error(3)|ERR_get_error(3)>. If the "reuse" capability has been used
with a valid X509 structure being passed in via B<px> then the object is not
modified in the event of error.
i2d_X509() returns the number of bytes successfully encoded or a negative
value if an error occurs. The error code can be obtained by