This patch prevents an infinite loop in apps/req.c when run in batch mode and user parameter fails req_len_check().
Affects all versions; applies against revision in CVS as of May 14 2011 Originally reported as Debian Bug 404700
diff --git a/apps/req.c b/apps/req.c --- a/apps/req.c +++ b/apps/req.c @@ -1490,7 +1490,13 @@ #ifdef CHARSET_EBCDIC ebcdic2ascii(buf, buf, i); #endif - if(!req_check_len(i, n_min, n_max)) goto start; + if (!req_check_len(i, n_min, n_max)) + { + if (!batch) + goto start; + else + return 0; + } if (!X509_NAME_add_entry_by_NID(n,nid, chtype, (unsigned char *) buf, -1,-1,mval)) goto err; ret=1; @@ -1549,7 +1555,13 @@ #ifdef CHARSET_EBCDIC ebcdic2ascii(buf, buf, i); #endif - if(!req_check_len(i, n_min, n_max)) goto start; + if (!req_check_len(i, n_min, n_max)) + { + if (!batch) + goto start; + else + return 0; + } if(!X509_REQ_add1_attr_by_NID(req, nid, chtype, (unsigned char *)buf, -1)) {