Fix issue where OBJ_nid2obj doesn't always raise an error

This was previously fixed in 3.0 but not 1.1.

Fixes #13008.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17808)

diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index 46006fe6cf9c4636645efe5678ac4e012933a01a..a501ca104bf8b89e62f678cb1996b4a924d936fd 100644 (file)
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -228,9 +228,10 @@ ASN1_OBJECT *OBJ_nid2obj(int n)
             return NULL;
         }
         return (ASN1_OBJECT *)&(nid_objs[n]);
-    } else if (added == NULL)
+    } else if (added == NULL) {
+        OBJerr(OBJ_F_OBJ_NID2OBJ, OBJ_R_UNKNOWN_NID);
         return NULL;
-    else {
+    } else {
         ad.type = ADDED_NID;
         ad.obj = &ob;
         ob.nid = n;

diff --git a/test/asn1_internal_test.c b/test/asn1_internal_test.c
index 865e0584219e94ed59c574827c7c11ce02bbcd1f..caca0cb15e658d352ce88e8d2daec54632cd726c 100644 (file)
--- a/test/asn1_internal_test.c
+++ b/test/asn1_internal_test.c
@@ -107,9 +107,36 @@ static int test_standard_methods(void)
     return 0;
 }
 
+/**********************************************************************
+ *
+ * Regression test for issue where OBJ_nid2obj does not raise
+ * an error when a NID is not registered.
+ *
+ ***/
+static int test_nid2obj_nonexist(void)
+{
+    ASN1_OBJECT *obj;
+    unsigned long err;
+
+    obj = OBJ_nid2obj(INT_MAX);
+    if (!TEST_true(obj == NULL))
+        return 0;
+
+    err = ERR_get_error();
+
+    if (!TEST_int_eq(ERR_GET_FUNC(err), OBJ_F_OBJ_NID2OBJ))
+        return 0;
+
+    if (!TEST_int_eq(ERR_GET_REASON(err), OBJ_R_UNKNOWN_NID))
+        return 0;
+
+    return 1;
+}
+
 int setup_tests(void)
 {
     ADD_TEST(test_tbl_standard);
     ADD_TEST(test_standard_methods);
+    ADD_TEST(test_nid2obj_nonexist);
     return 1;
 }