Fix X509_REQ_print_ex bug

Similar to the bug fixed in 02db7354fe7 (Fix bug in X509_print_ex).
The error return value from X509_NAME_print_ex() is different
depending on whether the flags are XN_FLAG_COMPAT or not.
Apply a similar fix to what was done for X509_print_ex here as well.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/19963)

(cherry picked from commit 2b5e028a2f70de216458a5140bcf4ec3d9236eeb)

diff --git a/crypto/x509/t_req.c b/crypto/x509/t_req.c
index f9cbbecd361399f2ede0b96096276c70a73b1e9e..22f824ee48c29ce65abd8b2bf23e6e830d7e5f0f 100644 (file)
--- a/crypto/x509/t_req.c
+++ b/crypto/x509/t_req.c
@@ -42,15 +42,17 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
     EVP_PKEY *pkey;
     STACK_OF(X509_EXTENSION) *exts;
     char mlch = ' ';
-    int nmindent = 0;
+    int nmindent = 0, printok = 0;
 
     if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
         mlch = '\n';
         nmindent = 12;
     }
 
-    if (nmflags == XN_FLAG_COMPAT)
+    if (nmflags == XN_FLAG_COMPAT) {
         nmindent = 16;
+        printok = 1;
+    }
 
     if (!(cflag & X509_FLAG_NO_HEADER)) {
         if (BIO_write(bp, "Certificate Request:\n", 21) <= 0)
@@ -72,7 +74,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
         if (BIO_printf(bp, "        Subject:%c", mlch) <= 0)
             goto err;
         if (X509_NAME_print_ex(bp, X509_REQ_get_subject_name(x),
-            nmindent, nmflags) < 0)
+            nmindent, nmflags) < printok)
             goto err;
         if (BIO_write(bp, "\n", 1) <= 0)
             goto err;