Bug fix in ossl_cmp_certRep_new(): must allocate empty extraCerts stack
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>
Fri, 29 May 2020 15:10:48 +0000 (17:10 +0200)
committerDr. David von Oheimb <David.von.Oheimb@siemens.com>
Sat, 13 Jun 2020 13:13:21 +0000 (15:13 +0200)
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11998)

crypto/cmp/cmp_msg.c

index bbce90c..9735a1c 100644 (file)
@@ -23,6 +23,7 @@
 DEFINE_STACK_OF(OSSL_CMP_CERTSTATUS)
 DEFINE_STACK_OF(OSSL_CMP_ITAV)
 DEFINE_STACK_OF(GENERAL_NAME)
+DEFINE_STACK_OF(X509)
 DEFINE_STACK_OF(X509_EXTENSION)
 DEFINE_STACK_OF(OSSL_CMP_PKISI)
 DEFINE_STACK_OF(OSSL_CRMF_MSG)
@@ -426,9 +427,12 @@ OSSL_CMP_MSG *ossl_cmp_certRep_new(OSSL_CMP_CTX *ctx, int bodytype,
     if (bodytype == OSSL_CMP_PKIBODY_IP && caPubs != NULL
             && (repMsg->caPubs = X509_chain_up_ref(caPubs)) == NULL)
         goto err;
-    if (chain != NULL
-            && !ossl_cmp_sk_X509_add1_certs(msg->extraCerts, chain, 0, 1, 0))
+    if (sk_X509_num(chain) > 0) {
+        msg->extraCerts = sk_X509_new_reserve(NULL, sk_X509_num(chain));
+        if (msg->extraCerts == NULL
+            || !ossl_cmp_sk_X509_add1_certs(msg->extraCerts, chain, 0, 1, 0))
         goto err;
+    }
 
     if (!unprotectedErrors
             || ossl_cmp_pkisi_get_status(si) != OSSL_CMP_PKISTATUS_rejection)