From: Shane Lontis Date: Fri, 21 Aug 2020 05:14:42 +0000 (+1000) Subject: Fix X509 propq so it does not use references X-Git-Tag: openssl-3.0.0-alpha10~186 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=22b9230f39ff44f434dc671c45fe0bc68c14c0ad;p=thirdparty%2Fopenssl.git Fix X509 propq so it does not use references Fixes #13486 Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/12700) --- diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index efcd7cd15c5..b09fa2754ad 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -95,23 +95,22 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, ASIdentifiers_free(ret->rfc3779_asid); #endif ASN1_OCTET_STRING_free(ret->distinguishing_id); + OPENSSL_free(ret->propq); break; case ASN1_OP_DUP_POST: { X509 *old = exarg; - ret->libctx = old->libctx; - ret->propq = old->propq; + if (!x509_set0_libctx(ret, old->libctx, old->propq)) + return 0; } break; - default: break; } return 1; - } ASN1_SEQUENCE_ref(X509, x509_cb) = { @@ -149,7 +148,13 @@ int x509_set0_libctx(X509 *x, OSSL_LIB_CTX *libctx, const char *propq) { if (x != NULL) { x->libctx = libctx; - x->propq = propq; + OPENSSL_free(x->propq); + x->propq = NULL; + if (propq != NULL) { + x->propq = OPENSSL_strdup(propq); + if (x->propq == NULL) + return 0; + } } return 1; } @@ -159,7 +164,10 @@ X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq) X509 *cert = NULL; cert = (X509 *)ASN1_item_new((X509_it())); - (void)x509_set0_libctx(cert, libctx, propq); + if (!x509_set0_libctx(cert, libctx, propq)) { + X509_free(cert); + cert = NULL; + } return cert; } diff --git a/include/crypto/x509.h b/include/crypto/x509.h index 6fa5d22dc6e..7a4ff888dc3 100644 --- a/include/crypto/x509.h +++ b/include/crypto/x509.h @@ -196,7 +196,7 @@ struct x509_st { ASN1_OCTET_STRING *distinguishing_id; OSSL_LIB_CTX *libctx; - const char *propq; + char *propq; } /* X509 */ ; /*