The branch OpenSSL_1_1_0-stable has been updated via 6fc92032e02bb17cb7486e71aafdc1905497693a (commit) from 2392eb77d237684a32b1290fc9e3d0e2f3b08554 (commit)
- Log ----------------------------------------------------------------- commit 6fc92032e02bb17cb7486e71aafdc1905497693a Author: Richard Levitte <levi...@openssl.org> Date: Thu May 17 09:53:14 2018 +0200 Restore check of |*xn| against |name| in X509_NAME_set A previous change of this function introduced a fragility when the destination happens to be the same as the source. Such alias isn't recommended, but could still happen, for example in this kind of code: X509_NAME *subject = X509_get_issuer_name(x); /* ... some code passes ... */ X509_set_issuer_name(x, subject); Fixes #4710 Reviewed-by: Andy Polyakov <ap...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6280) (cherry picked from commit c1c1783d45a5e91951e6328a820939d0256c841c) ----------------------------------------------------------------------- Summary of changes: crypto/x509/x_name.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c index 0af5df5..8e717dc 100644 --- a/crypto/x509/x_name.c +++ b/crypto/x509/x_name.c @@ -472,6 +472,8 @@ static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname, int X509_NAME_set(X509_NAME **xn, X509_NAME *name) { + if (*xn == name) + return *xn != NULL; if ((name = X509_NAME_dup(name)) == NULL) return 0; X509_NAME_free(*xn); _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits