From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Date: Thu, 10 Feb 2022 07:41:40 +0000 (+0800)
Subject: apps/ocsp: Add check for OPENSSL_strdup
X-Git-Tag: openssl-3.2.0-alpha1~2936
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8f084b43803d53e15d83ed130210f026f84679ff;p=thirdparty%2Fopenssl.git

apps/ocsp: Add check for OPENSSL_strdup

Just assert 'bn' to be non-NULL is not enough.
The check for 'itmp' is still needed.
If 'bn' is 0, the 'itmp' is assigned by OPENSSL_strdup().
Since OPENSSL_strdup() may fail because of the lack of memory,
the 'itmp' will be NULL and be an valid parameter hashed in
TXT_DB_get_by_index(), returning a wrong result.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17677)
---

diff --git a/apps/ocsp.c b/apps/ocsp.c
index 18e7c441916..51f2b37f479 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -1180,10 +1180,12 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
     bn = ASN1_INTEGER_to_BN(ser, NULL);
     OPENSSL_assert(bn);         /* FIXME: should report an error at this
                                  * point and abort */
-    if (BN_is_zero(bn))
+    if (BN_is_zero(bn)) {
         itmp = OPENSSL_strdup("00");
-    else
+        OPENSSL_assert(itmp);
+    } else {
         itmp = BN_bn2hex(bn);
+    }
     row[DB_serial] = itmp;
     BN_free(bn);
     rrow = TXT_DB_get_by_index(db->db, DB_serial, row);