From: Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Date: Mon, 1 Aug 2022 13:06:35 +0000 (+0200)
Subject: X509_REQ_get_extensions: add error queue entry on ill-formed extensions attribute
X-Git-Tag: openssl-3.2.0-alpha1~2169
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=e128eaa094fc0e95c93081c914c85bd6962a9a42;p=thirdparty%2Fopenssl.git

X509_REQ_get_extensions: add error queue entry on ill-formed extensions attribute

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18931)
---

diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index e3f5c2add18..9e926fbe29a 100644
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -154,8 +154,10 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
     }
     if (ext == NULL) /* no extensions is not an error */
         return sk_X509_EXTENSION_new_null();
-    if (ext->type != V_ASN1_SEQUENCE)
+    if (ext->type != V_ASN1_SEQUENCE) {
+        ERR_raise(ERR_LIB_X509, X509_R_WRONG_TYPE);
         return NULL;
+    }
     p = ext->value.sequence->data;
     return (STACK_OF(X509_EXTENSION) *)
         ASN1_item_d2i(NULL, &p, ext->value.sequence->length,