[exim-dev] [Bug 2316] Missing Error Check in function X509_NAME_oneline()
https://bugs.exim.org/show_bug.cgi?id=2316 Jeremy Harris changed: What|Removed |Added Status|WAIT_FIX_CONFIRMATION |RESOLVED Resolution|--- |FIXED --- Comment #4 from Jeremy Harris --- Nobody commented -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2316] Missing Error Check in function X509_NAME_oneline()
https://bugs.exim.org/show_bug.cgi?id=2316 Jeremy Harris changed: What|Removed |Added Status|NEW |WAIT_FIX_CONFIRMATION -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2316] Missing Error Check in function X509_NAME_oneline()
https://bugs.exim.org/show_bug.cgi?id=2316 Git Commit changed: What|Removed |Added CC||g...@exim.org --- Comment #3 from Git Commit --- Git commit: https://git.exim.org/exim.git/commitdiff/70e384dde1f5b1290b807bc69c73887a7cbbe773 commit 70e384dde1f5b1290b807bc69c73887a7cbbe773 Author: Jeremy Harris AuthorDate: Fri Sep 21 18:01:57 2018 +0100 Commit: Jeremy Harris CommitDate: Fri Sep 21 18:01:57 2018 +0100 openssl: check return value from x509_name_oneline(). bug 2316 it didn't used to be documented as possibly returning null, but now it is. src/src/tls-openssl.c | 48 1 file changed, 32 insertions(+), 16 deletions(-) -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2316] Missing Error Check in function X509_NAME_oneline()
https://bugs.exim.org/show_bug.cgi?id=2316 --- Comment #2 from Chi Li --- (In reply to Jeremy Harris from comment #1) > The docs at > https://www.openssl.org/docs/man1.0.2/crypto/X509_NAME_oneline.html > do not say that NULL can be returned. Nor do the 1.1.0 versions. Sorry, It was my fault to forget to check the docs about the version 1.0.2. However, in the ref https://www.openssl.org/docs/manmaster/man3/X509_NAME_oneline.html which is the latest version docs says NULL on error. Also,the 1.0.2 version is already corrected referring to the latest standards. ref: https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/crypto/x509v3/v3_alt.c 152:if (X509_NAME_oneline(gen->d.dirn, oline, 256) == NULL 153:|| !X509V3_add_value("DirName", oline, )) 154: return NULL; The 1.1.0 version is corrected too. ref: https://github.com/openssl/openssl/blob/OpenSSL_1_1_0-stable/crypto/x509v3/v3_alt.c 103:if (X509_NAME_oneline(gen->d.dirn, oline, 256) == NULL 104:|| !X509V3_add_value("DirName", oline, )) 105: return NULL; -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2316] Missing Error Check in function X509_NAME_oneline()
https://bugs.exim.org/show_bug.cgi?id=2316 --- Comment #1 from Jeremy Harris --- The docs at https://www.openssl.org/docs/man1.0.2/crypto/X509_NAME_oneline.html do not say that NULL can be returned. Nor do the 1.1.0 versions. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##