]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a1420a6)
Avoid premature short-circuit in check_email
authorViktor Dukhovni <openssl-users@dukhovni.org>
Mon, 16 Mar 2026 08:30:04 +0000 (19:30 +1100)
committerTomas Mraz <tomas@openssl.foundation>
Tue, 17 Mar 2026 15:35:31 +0000 (16:35 +0100)
- Also harden check_hosts() to handle NULL `vpm->hosts`,
  currently checked by the caller.

- Also harden check_ips() to handle NULL `vpm->ips`,
  currently checked by the caller.

Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Tue Mar 17 15:35:16 2026
(Merged from https://github.com/openssl/openssl/pull/30444)

(cherry picked from commit 6f9a0f3bcdf8f7c8b3d6a7dfb100788a8726905e)

crypto/x509/x509_vfy.c patch | blob | blame | history

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index c2c39a1e4982ee5fb3a2b815ff9c04f352c71233..6537a2c7f8584512f730342e84e1783da2fb78d3 100644 (file)
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -929,64 +929,55 @@ static int check_id_error(X509_STORE_CTX *ctx, int errcode)
 
 static int check_hosts(X509 *x, X509_VERIFY_PARAM *vpm)
 {
-    int i;
-    int n = sk_X509_BUFFER_num(vpm->hosts);
     const uint8_t *name;
+    int n = sk_X509_BUFFER_num(vpm->hosts);
 
     if (vpm->peername != NULL) {
         OPENSSL_free(vpm->peername);
         vpm->peername = NULL;
     }
-    for (i = 0; i < n; ++i) {
+    for (int i = 0; i < n; ++i) {
         size_t len = sk_X509_BUFFER_value(vpm->hosts, i)->len;
         name = sk_X509_BUFFER_value(vpm->hosts, i)->data;
         if (X509_check_host(x, (const char *)name, len, vpm->hostflags, &vpm->peername) > 0)
             return 1;
     }
-    return n == 0;
+    return n <= 0;
 }
 
 static int check_email(X509 *x, X509_VERIFY_PARAM *vpm)
 {
-    int i, n, j;
     const uint8_t *name;
+    int nasc = sk_X509_BUFFER_num(vpm->rfc822s);
+    int nutf = sk_X509_BUFFER_num(vpm->smtputf8s);
 
-    if (vpm->rfc822s == NULL)
-        return 1;
-
-    n = sk_X509_BUFFER_num(vpm->rfc822s);
-
-    for (i = 0; i < n; ++i) {
+    for (int i = 0; i < nasc; ++i) {
         size_t len = sk_X509_BUFFER_value(vpm->rfc822s, i)->len;
         name = sk_X509_BUFFER_value(vpm->rfc822s, i)->data;
         if (ossl_x509_check_rfc822(x, (const char *)name, len, vpm->hostflags))
             return 1;
     }
-
-    j = sk_X509_BUFFER_num(vpm->smtputf8s);
-    for (i = 0; i < j; ++i) {
+    for (int i = 0; i < nutf; ++i) {
         size_t len = sk_X509_BUFFER_value(vpm->smtputf8s, i)->len;
         name = sk_X509_BUFFER_value(vpm->smtputf8s, i)->data;
         if (ossl_x509_check_smtputf8(x, (const char *)name, len, vpm->hostflags))
             return 1;
     }
-
-    return n == 0 && j == 0;
+    return nasc <= 0 && nutf <= 0;
 }
 
 static int check_ips(X509 *x, X509_VERIFY_PARAM *vpm)
 {
-    int i;
-    int n = sk_X509_BUFFER_num(vpm->ips);
     const uint8_t *name;
+    int n = sk_X509_BUFFER_num(vpm->ips);
 
-    for (i = 0; i < n; ++i) {
+    for (int i = 0; i < n; ++i) {
         size_t len = sk_X509_BUFFER_value(vpm->ips, i)->len;
         name = sk_X509_BUFFER_value(vpm->ips, i)->data;
         if (X509_check_ip(x, name, len, vpm->hostflags) > 0)
             return 1;
     }
-    return n == 0;
+    return n <= 0;
 }
 
 static int check_id(X509_STORE_CTX *ctx)
Mirror of https://github.com/openssl/openssl.git