CVSROOT: /cvs
Module name: src
Changes by: schwa...@cvs.openbsd.org 2020/06/04 15:21:03
Modified files:
lib/libcrypto/asn1: x_attrib.c
lib/libcrypto/man: PKCS7_add_attribute.3
regress/lib/libcrypto/x509: Makefile
Added files:
regress/lib/libcrypto/x509: x509attribute.c
Log message:
When X509_ATTRIBUTE_create() receives an invalid NID (e.g., -1), return
failure rather than silently constructing a broken X509_ATTRIBUTE object
that might cause NULL pointer accesses later on. This matters because
X509_ATTRIBUTE_create() is used by documented API functions like
PKCS7_add_attribute(3) and the NID comes straight from the user.
This fixes a bug found while working on documentation.
OK tb@ and "thanks" bluhm@
