ensure the pointer is valid before using it

[openssl.git] / crypto / ts / ts_rsp_sign.c

diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index ea4506a9ee8f62f3eb0bb34e32349e8bcf975a81..0c8e636fdf6a76f895abe52c7b0c125669d632e9 100644 (file)
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -466,18 +466,21 @@ TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
        if (!result)
                {
                TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
        if (!result)
                {
                TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);

-               TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
-                                                "Error during response "
-                                                "generation.");
-               /* Check if the status info was set. */
-               if (ctx->response
-                   && ASN1_INTEGER_get(
-                           TS_RESP_get_status_info(ctx->response)->status)
-                   == TS_STATUS_GRANTED)
+               if (ctx != NULL)

                        {
                        {

-                       /* Status info wasn't set, don't return a response. */
-                       TS_RESP_free(ctx->response);
-                       ctx->response = NULL;
+                       TS_RESP_CTX_set_status_info_cond(ctx,
+                               TS_STATUS_REJECTION, "Error during response "
+                               "generation.");
+                       /* Check if the status info was set. */
+                       if (ctx->response && ASN1_INTEGER_get(
+                           TS_RESP_get_status_info(ctx->response)->status)
+                           == TS_STATUS_GRANTED)
+                               {
+                               /* Status info wasn't set, don't
+                                * return a response. */
+                               TS_RESP_free(ctx->response);
+                               ctx->response = NULL;
+                               }

                        }
                }
        response = ctx->response;
                        }
                }
        response = ctx->response;


@@ -512,7 +515,7 @@ static int TS_RESP_check_request(TS_RESP_CTX *ctx)
        TS_MSG_IMPRINT *msg_imprint;
        X509_ALGOR *md_alg;
        int md_alg_id;
        TS_MSG_IMPRINT *msg_imprint;
        X509_ALGOR *md_alg;
        int md_alg_id;

-       ASN1_OCTET_STRING *digest;
+       const ASN1_OCTET_STRING *digest;

        EVP_MD *md = NULL;
        int i;
 
        EVP_MD *md = NULL;
        int i;
 


@@ -567,13 +570,18 @@ static int TS_RESP_check_request(TS_RESP_CTX *ctx)
        return 1;
        }
 
        return 1;
        }
 

-/* Returns the TSA policy based on the rqeuested and acceptable policies. */
+/* Returns the TSA policy based on the requested and acceptable policies. */

 static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx)
        {
        ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
        ASN1_OBJECT *policy = NULL;
        int i;
 
 static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx)
        {
        ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
        ASN1_OBJECT *policy = NULL;
        int i;
 

+       if (ctx->default_policy == NULL)
+               {
+               TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER);
+               return NULL;
+               }

        /* Return the default policy if none is requested or the default is
           requested. */
        if (!requested || !OBJ_cmp(requested, ctx->default_policy))
        /* Return the default policy if none is requested or the default is
           requested. */
        if (!requested || !OBJ_cmp(requested, ctx->default_policy))


@@ -607,7 +615,7 @@ static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
        ASN1_GENERALIZEDTIME *asn1_time = NULL;
        long sec, usec;
        TS_ACCURACY *accuracy = NULL;
        ASN1_GENERALIZEDTIME *asn1_time = NULL;
        long sec, usec;
        TS_ACCURACY *accuracy = NULL;

-       ASN1_INTEGER *nonce;
+       const ASN1_INTEGER *nonce;

        GENERAL_NAME *tsa_name = NULL;
 
        if (!(tst_info = TS_TST_INFO_new())) goto end;
        GENERAL_NAME *tsa_name = NULL;
 
        if (!(tst_info = TS_TST_INFO_new())) goto end;


@@ -689,7 +697,14 @@ static int TS_RESP_process_extensions(TS_RESP_CTX *ctx)
        for (i = 0; ok && i < sk_X509_EXTENSION_num(exts); ++i)
                {
                X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
        for (i = 0; ok && i < sk_X509_EXTENSION_num(exts); ++i)
                {
                X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);

-               ok = (*ctx->extension_cb)(ctx, ext, (void *)ctx->extension_cb);
+               /* XXXXX The last argument was previously
+                  (void *)ctx->extension_cb, but ISO C doesn't permit
+                  converting a function pointer to void *.  For lack of
+                  better information, I'm placing a NULL there instead.
+                  The callback can pick its own address out from the ctx
+                  anyway...
+               */
+               ok = (*ctx->extension_cb)(ctx, ext, NULL);

                }
 
        return ok;
                }
 
        return ok;