Multiblock corrupted pointer fix

[openssl.git] / apps / ocsp.c

diff --git a/apps/ocsp.c b/apps/ocsp.c
index 4b9d6f6b330d3c63736a78f68a7fa9f82c29a674..83a71752b10c760a7cb6c2162a3c00b828678bbc 100644 (file)
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -537,6 +537,8 @@ int MAIN(int argc, char **argv)
                    "-CAfile file         trusted certificates file\n");
         BIO_printf(bio_err,
                    "-trusted_first       use locally trusted CA's first when building trust chain\n");
+        BIO_printf(bio_err,
+                   "-no_alt_chains       only ever use the first certificate chain found\n");
         BIO_printf(bio_err,
                    "-VAfile file         validator certificates file\n");
         BIO_printf(bio_err,
@@ -1108,8 +1110,12 @@ static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
 
     OCSP_basic_sign(bs, rcert, rkey, rmd, rother, flags);
 
-    if (badsig)
-        bs->signature->data[bs->signature->length - 1] ^= 0x1;
+    if (badsig) {
+        ASN1_OCTET_STRING *sig = OCSP_resp_get0_signature(bs);
+        unsigned char *sigptr;
+        sigptr = ASN1_STRING_data(sig);
+        sigptr[ASN1_STRING_length(sig) - 1] ^= 0x1;
+    }
 
     *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);