ensure the pointer is valid before using it
[openssl.git] / crypto / ts / ts_rsp_sign.c
index ea4506a..0c8e636 100644 (file)
@@ -466,18 +466,21 @@ TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
        if (!result)
                {
                TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
-               TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
-                                                "Error during response "
-                                                "generation.");
-               /* Check if the status info was set. */
-               if (ctx->response
-                   && ASN1_INTEGER_get(
-                           TS_RESP_get_status_info(ctx->response)->status)
-                   == TS_STATUS_GRANTED)
+               if (ctx != NULL)
                        {
-                       /* Status info wasn't set, don't return a response. */
-                       TS_RESP_free(ctx->response);
-                       ctx->response = NULL;
+                       TS_RESP_CTX_set_status_info_cond(ctx,
+                               TS_STATUS_REJECTION, "Error during response "
+                               "generation.");
+                       /* Check if the status info was set. */
+                       if (ctx->response && ASN1_INTEGER_get(
+                           TS_RESP_get_status_info(ctx->response)->status)
+                           == TS_STATUS_GRANTED)
+                               {
+                               /* Status info wasn't set, don't
+                                * return a response. */
+                               TS_RESP_free(ctx->response);
+                               ctx->response = NULL;
+                               }
                        }
                }
        response = ctx->response;
@@ -512,7 +515,7 @@ static int TS_RESP_check_request(TS_RESP_CTX *ctx)
        TS_MSG_IMPRINT *msg_imprint;
        X509_ALGOR *md_alg;
        int md_alg_id;
-       ASN1_OCTET_STRING *digest;
+       const ASN1_OCTET_STRING *digest;
        EVP_MD *md = NULL;
        int i;
 
@@ -567,13 +570,18 @@ static int TS_RESP_check_request(TS_RESP_CTX *ctx)
        return 1;
        }
 
-/* Returns the TSA policy based on the rqeuested and acceptable policies. */
+/* Returns the TSA policy based on the requested and acceptable policies. */
 static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx)
        {
        ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
        ASN1_OBJECT *policy = NULL;
        int i;
 
+       if (ctx->default_policy == NULL)
+               {
+               TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER);
+               return NULL;
+               }
        /* Return the default policy if none is requested or the default is
           requested. */
        if (!requested || !OBJ_cmp(requested, ctx->default_policy))
@@ -607,7 +615,7 @@ static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
        ASN1_GENERALIZEDTIME *asn1_time = NULL;
        long sec, usec;
        TS_ACCURACY *accuracy = NULL;
-       ASN1_INTEGER *nonce;
+       const ASN1_INTEGER *nonce;
        GENERAL_NAME *tsa_name = NULL;
 
        if (!(tst_info = TS_TST_INFO_new())) goto end;
@@ -689,7 +697,14 @@ static int TS_RESP_process_extensions(TS_RESP_CTX *ctx)
        for (i = 0; ok && i < sk_X509_EXTENSION_num(exts); ++i)
                {
                X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
-               ok = (*ctx->extension_cb)(ctx, ext, (void *)ctx->extension_cb);
+               /* XXXXX The last argument was previously
+                  (void *)ctx->extension_cb, but ISO C doesn't permit
+                  converting a function pointer to void *.  For lack of
+                  better information, I'm placing a NULL there instead.
+                  The callback can pick its own address out from the ctx
+                  anyway...
+               */
+               ok = (*ctx->extension_cb)(ctx, ext, NULL);
                }
 
        return ok;