From: otherddn1978
Date: Thu, 26 Dec 2024 10:26:34 +0000 (+0300)
Subject: If you call X509_add_cert with cert == NULL and the X509_ADD_FLAG_UP_REF
X-Git-Tag: openssl-3.1.8~16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2bd0e81e507e2c9ae0c3a7a5b42d48e24ad614d4;p=thirdparty%2Fopenssl.git

If you call X509_add_cert with cert == NULL and the X509_ADD_FLAG_UP_REF flag, it will crash in X509_up_ref. Passing NULL here is not valid, return 0 if cert == NULL.

Reviewed-by: Tomas Mraz
Reviewed-by: Viktor Dukhovni
Reviewed-by: Frederik Wedel-Heinen
(Merged from https://github.com/openssl/openssl/pull/26267)

(cherry picked from commit 3c7db9e0fdf4706d91cedf5fca70b609bdc1677e)
---
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 989fb8faa9f..697fdf5347d 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -196,6 +196,8 @@ int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags) ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER); return 0; } + if (cert == NULL) + return 0; if ((flags & X509_ADD_FLAG_NO_DUP) != 0) { /* * not using sk_X509_set_cmp_func() and sk_X509_find() diff --git a/doc/man3/X509_add_cert.pod b/doc/man3/X509_add_cert.pod index a4f3ea50324..2b38830eb17 100644 --- a/doc/man3/X509_add_cert.pod +++ b/doc/man3/X509_add_cert.pod @@ -16,6 +16,7 @@ X509 certificate list addition functions =head1 DESCRIPTION X509_add_cert() adds a certificate I to the given list I. +It is an error for the I argument to be NULL. X509_add_certs() adds a list of certificate I to the given list I. The I argument may be NULL, which implies no effect.
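Review bot: In the crypto/x509/x509_cmp.c hunk, the new `if (cert == NULL) return 0;` branch fails silently, while the check directly above it (the context lines ending in `return 0; }`) calls `ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);` before returning. A caller that inspects the error queue after a 0 return gets an entry for one NULL argument and nothing for the other. Consider raising the same error in the new branch so that both invalid-argument paths are reported consistently and the failure is diagnosable from the error stack.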
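Review bot: In the doc/man3/X509_add_cert.pod hunk, the added sentence "It is an error for the I argument to be NULL." does not say what the caller observes in that case. The code change returns 0 for a NULL certificate, so the sentence could state that X509_add_cert() returns 0 then. That matters here because the next paragraph documents the opposite convention for X509_add_certs(), where a NULL argument "implies no effect", and a reader comparing the two needs the failure behaviour spelled out.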