From: Matt Caswell <matt@openssl.org>
Date: Fri, 19 Jan 2018 14:48:45 +0000 (+0000)
Subject: Don't crash on a missing Subject in index.txt
X-Git-Tag: OpenSSL_1_0_2o~47
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a3d684ffca282796511cb8f3593a59a80109eed8;p=thirdparty%2Fopenssl.git

Don't crash on a missing Subject in index.txt

An index.txt entry which has an empty Subject name field will cause ca
to crash. Therefore check it when we load it to make sure its not empty.

Fixes #5109

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5115)
---

diff --git a/apps/ca.c b/apps/ca.c
index df08581e377..bde3e4438a8 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -880,6 +880,10 @@ int MAIN(int argc, char **argv)
             }
             p++;
         }
+        if (pp[DB_name][0] == '\0') {
+            BIO_printf(bio_err, "entry %d: bad Subject\n", i + 1);
+            goto err;
+        }
     }
     if (verbose) {
         BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); /* cannot fail */