Fix missing return checks in v3_cpols.c
authorMatt Caswell <matt@openssl.org>
Wed, 11 Mar 2015 20:50:20 +0000 (20:50 +0000)
committerMatt Caswell <matt@openssl.org>
Thu, 12 Mar 2015 09:24:25 +0000 (09:24 +0000)
Fixed assorted missing return value checks in c3_cpols.c

Reviewed-by: Rich Salz <rsalz@openssl.org>
crypto/x509v3/v3_cpols.c

index 139b8f2..9826859 100644 (file)
@@ -230,8 +230,12 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
                 goto merr;
             if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
                 goto merr;
-            qual->pqualid = OBJ_nid2obj(NID_id_qt_cps);
-            qual->d.cpsuri = M_ASN1_IA5STRING_new();
+            if(!(qual->pqualid = OBJ_nid2obj(NID_id_qt_cps))) {
+                X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+            if(!(qual->d.cpsuri = M_ASN1_IA5STRING_new()))
+                goto merr;
             if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
                                  strlen(cnf->value)))
                 goto merr;
@@ -290,14 +294,18 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
     POLICYQUALINFO *qual;
     if (!(qual = POLICYQUALINFO_new()))
         goto merr;
-    qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice);
+    if(!(qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice))) {
+        X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
     if (!(not = USERNOTICE_new()))
         goto merr;
     qual->d.usernotice = not;
     for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {
         cnf = sk_CONF_VALUE_value(unot, i);
         if (!strcmp(cnf->name, "explicitText")) {
-            not->exptext = M_ASN1_VISIBLESTRING_new();
+            if(!(not->exptext = M_ASN1_VISIBLESTRING_new()))
+                goto merr;
             if (!ASN1_STRING_set(not->exptext, cnf->value,
                                  strlen(cnf->value)))
                 goto merr;