The branch master has been updated via ecf60b9e27c041e7c95669b52a399fc2f20fd0fe (commit) via 318e97997a514b16ca497cedb49730bc75764a05 (commit) from 44fde441937fc8db8ea6a7ac2e7c683ad9d5f8e0 (commit)
- Log ----------------------------------------------------------------- commit ecf60b9e27c041e7c95669b52a399fc2f20fd0fe Author: x2018 <xkernel.w...@foxmail.com> Date: Wed Dec 1 16:15:44 2021 +0800 remove redundant ERR_raise Reviewed-by: Shane Lontis <shane.lon...@oracle.com> Reviewed-by: Tomas Mraz <to...@openssl.org> Reviewed-by: Paul Dale <pa...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17175) commit 318e97997a514b16ca497cedb49730bc75764a05 Author: x2018 <xkernel.w...@foxmail.com> Date: Wed Dec 1 14:29:58 2021 +0800 check the return value of BIO_new() in t_x509.c:471 & cmp_vfy.c:36 Reviewed-by: Shane Lontis <shane.lon...@oracle.com> Reviewed-by: Tomas Mraz <to...@openssl.org> Reviewed-by: Paul Dale <pa...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17175) ----------------------------------------------------------------------- Summary of changes: crypto/cmp/cmp_vfy.c | 3 ++- crypto/x509/t_x509.c | 2 ++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c index d3d9cca0d4..cdfad0a631 100644 --- a/crypto/cmp/cmp_vfy.c +++ b/crypto/cmp/cmp_vfy.c @@ -34,7 +34,8 @@ static int verify_signature(const OSSL_CMP_CTX *cmp_ctx, return 0; bio = BIO_new(BIO_s_mem()); /* may be NULL */ - + if (bio == NULL) + return 0; /* verify that keyUsage, if present, contains digitalSignature */ if (!cmp_ctx->ignore_keyusage && (X509_get_key_usage(cert) & X509v3_KU_DIGITAL_SIGNATURE) == 0) { diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c index 95ee5f519f..13ccb35508 100644 --- a/crypto/x509/t_x509.c +++ b/crypto/x509/t_x509.c @@ -470,6 +470,8 @@ int X509_STORE_CTX_print_verify_cb(int ok, X509_STORE_CTX *ctx) int cert_error = X509_STORE_CTX_get_error(ctx); BIO *bio = BIO_new(BIO_s_mem()); /* may be NULL */ + if (bio == NULL) + return 0; BIO_printf(bio, "%s at depth = %d error = %d (%s)\n", X509_STORE_CTX_get0_parent_ctx(ctx) != NULL ? "CRL path validation"