QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-05-12 01:19:41 +00:00
Code Issues Projects Releases Wiki Activity

Prevent crash in X509_NAME_cmp() etc. when cert has no issuer or no serialNumber

Browse Source 
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11386)
This commit is contained in:
Dr. David von Oheimb 2020-04-08 13:39:15 +02:00
parent 753283cd23
commit e0331eb8b8
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
crypto/x509/x509_cmp.c
View File

@ -21,6 +21,10 @@ int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
int i; int i;
const X509_CINF *ai, *bi; const X509_CINF *ai, *bi;
if (b == NULL)
return a != NULL;
if (a == NULL)
return -1;
ai = &a->cert_info; ai = &a->cert_info;
bi = &b->cert_info; bi = &b->cert_info;
i = ASN1_INTEGER_cmp(&ai->serialNumber, &bi->serialNumber); i = ASN1_INTEGER_cmp(&ai->serialNumber, &bi->serialNumber);
@ -161,8 +165,12 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
{ {
int ret; int ret;
/* Ensure canonical encoding is present and up to date */ if (b == NULL)
return a != NULL;
if (a == NULL)
return -1;
/* Ensure canonical encoding is present and up to date */
if (!a->canon_enc || a->modified) { if (!a->canon_enc || a->modified) {
ret = i2d_X509_NAME((X509_NAME *)a, NULL); ret = i2d_X509_NAME((X509_NAME *)a, NULL);
if (ret < 0) if (ret < 0)