[openssl.org #2090] [patch] NULL-pointer handling in asn1_multi()

View: New views

1 Messages — Rating Filter: Alert me

[openssl.org #2090] [patch] NULL-pointer handling in asn1_multi()

by Misha Aizatulin via RT :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Dear all,

another case where NULL should be handled is asn1_multi(). It looks like

sk = sk_ASN1_TYPE_new_null();
[...]
sk_ASN1_TYPE_push(sk, typ);

sk_ASN1_TYPE_push() is defined as sk_push(), which dereferences sk. A
simple patch is attached.

Best regards,

Martin

diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c
index ec18cbf..60898b9 100644
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@@ -452,6 +452,8 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
int derlen;
int i;
sk = sk_ASN1_TYPE_new_null();
+ if (!sk)
+ goto bad;
if (section)
{
if (!cnf)