Fix x509_crl propq so that it uses a copy

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12700)

diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
index 1ec79255137692781a5a79bc10118685b2d2f0d8..164d425ab26b0c72cda338c40a1c53328f07a958 100644 (file)
--- a/crypto/x509/x_crl.c
+++ b/crypto/x509/x_crl.c
@@ -264,6 +264,15 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
         ASN1_INTEGER_free(crl->crl_number);
         ASN1_INTEGER_free(crl->base_crl_number);
         sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free);
+        OPENSSL_free(crl->propq);
+        break;
+    case ASN1_OP_DUP_POST:
+        {
+            X509_CRL *old = exarg;
+
+            if (!x509_crl_set0_libctx(crl, old->libctx, old->propq))
+                return 0;
+        }
         break;
     }
     return 1;
@@ -494,7 +503,13 @@ int x509_crl_set0_libctx(X509_CRL *x, OSSL_LIB_CTX *libctx, const char *propq)
 {
     if (x != NULL) {
         x->libctx = libctx;
-        x->propq = propq;
+        OPENSSL_free(x->propq);
+        x->propq = NULL;
+        if (propq != NULL) {
+            x->propq = OPENSSL_strdup(propq);
+            if (x->propq == NULL)
+                return 0;
+        }
     }
     return 1;
 }

diff --git a/include/crypto/x509.h b/include/crypto/x509.h
index 7a4ff888dc39195245de9965d309ee9438372450..d88cd31902e15b2da2d63c2737b6e2d02525715e 100644 (file)
--- a/include/crypto/x509.h
+++ b/include/crypto/x509.h
@@ -116,7 +116,7 @@ struct X509_crl_st {
     CRYPTO_RWLOCK *lock;
 
     OSSL_LIB_CTX *libctx;
-    const char *propq;
+    char *propq;
 };
 
 struct x509_revoked_st {