Don't crash on a missing Subject in index.txt

[openssl.git] / apps / ca.c

diff --git a/apps/ca.c b/apps/ca.c
index ea2750a3f8f8c75276c48ed4bf31d00a55150a6e..9b1d9bdaac8f9003695e788ad1c5632b6493dace 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -663,6 +663,10 @@ end_of_options:
                 goto end;
             }
         }
+        if (pp[DB_name][0] == '\0') {
+            BIO_printf(bio_err, "entry %d: bad Subject\n", i + 1);
+            goto end;
+        }
     }
     if (verbose) {
         TXT_DB_write(bio_out, db->db);
@@ -1403,6 +1407,10 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
         BIO_printf(bio_err, "The Subject's Distinguished Name is as follows\n");
 
     name = X509_REQ_get_subject_name(req);
+    if (X509_NAME_entry_count(name) == 0) {
+        BIO_printf(bio_err, "Error: The supplied Subject is empty\n");
+        goto end;
+    }
     for (i = 0; i < X509_NAME_entry_count(name); i++) {
         ne = X509_NAME_get_entry(name, i);
         str = X509_NAME_ENTRY_get_data(ne);
@@ -1565,6 +1573,12 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
             goto end;
     }
 
+    if (X509_NAME_entry_count(subject) == 0) {
+        BIO_printf(bio_err,
+                   "Error: After applying policy the Subject is empty\n");
+        goto end;
+    }
+
     if (verbose)
         BIO_printf(bio_err,
                    "The subject name appears to be ok, checking data base for clashes\n");