The branch OpenSSL_1_0_2-stable has been updated
via ffb1065e8b658cfb50e50428c92c77051d1f2308 (commit)
from 8270415d4ab6e3978cdd604d416c4f1f86289c4a (commit)
- Log -----------------------------------------------------------------
commit ffb1065e8b658cfb50e50428c92c77051d1f2308
Author: Paul Yang <paulyang....@gmail.com>
Date: Sat Jun 10 02:22:22 2017 +0800
Fix possible usage of NULL pointers in apps/spkac.c
Check return value of NETSCAPE_SPKI_new() and
NETSCAPE_SPKI_b64_encode(), and also clean up coding style incidentally.
Signed-off-by: Paul Yang <paulyang....@gmail.com>
Reviewed-by: Kurt Roeckx <k...@openssl.org>
Reviewed-by: Rich Salz <rs...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3647)
(cherry picked from commit f2582f08d5167ee84b7b313fd1435fe91ee44880)
-----------------------------------------------------------------------
Summary of changes:
apps/spkac.c | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/apps/spkac.c b/apps/spkac.c
index 7f5333f..4b4106d 100644
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -5,7 +5,7 @@
* 1999. Based on an original idea by Massimiliano Pala (madw...@openca.org).
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2017 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -185,20 +185,23 @@ int MAIN(int argc, char **argv)
}
e = setup_engine(bio_err, engine, 0);
- if (keyfile) {
+ if (keyfile != NULL) {
pkey = load_key(bio_err,
strcmp(keyfile, "-") ? keyfile : NULL,
FORMAT_PEM, 1, passin, e, "private key");
- if (!pkey) {
+ if (pkey == NULL)
goto end;
- }
spki = NETSCAPE_SPKI_new();
- if (challenge)
+ if (spki == NULL)
+ goto end;
+ if (challenge != NULL)
ASN1_STRING_set(spki->spkac->challenge,
challenge, (int)strlen(challenge));
NETSCAPE_SPKI_set_pubkey(spki, pkey);
NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
spkstr = NETSCAPE_SPKI_b64_encode(spki);
+ if (spkstr == NULL)
+ goto end;
if (outfile)
out = BIO_new_file(outfile, "w");
@@ -253,7 +256,7 @@ int MAIN(int argc, char **argv)
spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);
- if (!spki) {
+ if (spki == NULL) {
BIO_printf(bio_err, "Error loading SPKAC\n");
ERR_print_errors(bio_err);
goto end;
@@ -282,9 +285,9 @@ int MAIN(int argc, char **argv)
pkey = NETSCAPE_SPKI_get_pubkey(spki);
if (verify) {
i = NETSCAPE_SPKI_verify(spki, pkey);
- if (i > 0)
+ if (i > 0) {
BIO_printf(bio_err, "Signature OK\n");
- else {
+ } else {
BIO_printf(bio_err, "Signature Failure\n");
ERR_print_errors(bio_err);
goto end;
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
