Reject empty generation strings.

author Dr. Stephen Henson <steve@openssl.org>

Wed, 15 Apr 2015 23:21:05 +0000 (00:21 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Thu, 16 Apr 2015 15:07:41 +0000 (16:07 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Wed, 15 Apr 2015 23:21:05 +0000 (00:21 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Thu, 16 Apr 2015 15:07:41 +0000 (16:07 +0100)
diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c

index 132a9ef468f69bbd473e31f71aa69901303863f2..e303d11993906d73b6c365195f7e711aafc3f30a 100644 (file)
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@@ -152,8 +152,10 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
      asn1_tags.imp_class = -1;
      asn1_tags.format = ASN1_GEN_FORMAT_ASCII;
      asn1_tags.exp_count = 0;
-    if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0)
+    if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) {
+        *perr = ASN1_R_UNKNOWN_TAG;
          return NULL;
+    }
  
      if ((asn1_tags.utype == V_ASN1_SEQUENCE)
          || (asn1_tags.utype == V_ASN1_SET)) {
@@ -279,6 +281,9 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
  
      int tmp_tag, tmp_class;
  
+    if (elem == NULL)
+        return -1;
+
      for (i = 0, p = elem; i < len; p++, i++) {
          /* Look for the ':' in name value pairs */
          if (*p == ':') {
author	Dr. Stephen Henson <steve@openssl.org>
	Wed, 15 Apr 2015 23:21:05 +0000 (00:21 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Thu, 16 Apr 2015 15:07:41 +0000 (16:07 +0100)