Make sure x509v3_cache_extensions() does not modify the error queue
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>
Wed, 12 Aug 2020 20:07:51 +0000 (22:07 +0200)
committerDr. David von Oheimb <David.von.Oheimb@siemens.com>
Fri, 21 Aug 2020 07:04:08 +0000 (09:04 +0200)
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)

crypto/x509/v3_purp.c

index 9e0190a038d2938a18872fdcd737b6a59daaf7d2..d7d0aae3b34714396ee606b0ad0ee9bf826baf38 100644 (file)
@@ -396,6 +396,7 @@ int x509v3_cache_extensions(X509 *x)
         CRYPTO_THREAD_unlock(x->lock);
         return (x->ex_flags & EXFLAG_INVALID) == 0;
     }
+    ERR_set_mark();
 
     if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL))
             x->ex_flags |= EXFLAG_INVALID;
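Review bot: The mark taken by the new `ERR_set_mark();` is released only if control reaches the matching `ERR_pop_to_mark()` in the second hunk, and the lines between the two hunks are not visible here. Any `return` on that path, now or added later, would leave a stale mark on the thread's error stack and shift what a caller's own mark/pop pair removes. A comment at the mark would make the pairing explicit, for example `/* errors below are reflected in ex_flags only; mark is popped before unlock */`. The body of x509v3_cache_extensions() starts and ends outside this hunk, so the absence of intermediate returns should be confirmed against the full function.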
@@ -572,6 +573,7 @@ int x509v3_cache_extensions(X509 *x)
      * all stores are visible on all processors. Hence the release fence.
      */
 #endif
+    ERR_pop_to_mark();
     CRYPTO_THREAD_unlock(x->lock);
 
     return (x->ex_flags & EXFLAG_INVALID) == 0;
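Review bot: `ERR_pop_to_mark()` here discards every error raised since the mark, including whatever caused `EXFLAG_INVALID` to be set (for instance the `X509_digest()` failure in the first hunk), so a caller that gets 0 back finds nothing in the error queue explaining why the certificate was rejected. If that is the intended contract, the function's header comment should state that the return value and `ex_flags` are the only failure signal, and that callers must raise their own error when they reject the certificate. Presumably allocation failures inside the parsing code are dropped the same way. It is worth confirming that a transient failure cannot end up cached as a permanently invalid certificate with no trace left for diagnosis.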