static int policy_cache_create(X509 *x,
CERTIFICATEPOLICIES *policies, int crit)
{
- int i;
- int ret = 0;
+ int i, ret = 0;
X509_POLICY_CACHE *cache = x->policy_cache;
X509_POLICY_DATA *data = NULL;
POLICYINFO *policy;
+
if (sk_POLICYINFO_num(policies) == 0)
goto bad_policy;
cache->data = sk_X509_POLICY_DATA_new(policy_data_cmp);
- if (cache->data == NULL)
- goto bad_policy;
+ if (cache->data == NULL) {
+ X509V3err(X509V3_F_POLICY_CACHE_CREATE, ERR_R_MALLOC_FAILURE);
+ goto just_cleanup;
+ }
for (i = 0; i < sk_POLICYINFO_num(policies); i++) {
policy = sk_POLICYINFO_value(policies, i);
data = policy_data_new(policy, NULL, crit);
- if (data == NULL)
- goto bad_policy;
+ if (data == NULL) {
+ X509V3err(X509V3_F_POLICY_CACHE_CREATE, ERR_R_MALLOC_FAILURE);
+ goto just_cleanup;
+ }
/*
* Duplicate policy OIDs are illegal: reject if matches found.
*/
} else if (sk_X509_POLICY_DATA_find(cache->data, data) != -1) {
ret = -1;
goto bad_policy;
- } else if (!sk_X509_POLICY_DATA_push(cache->data, data))
+ } else if (!sk_X509_POLICY_DATA_push(cache->data, data)) {
+ X509V3err(X509V3_F_POLICY_CACHE_CREATE, ERR_R_MALLOC_FAILURE);
goto bad_policy;
+ }
data = NULL;
}
ret = 1;
+
bad_policy:
if (ret == -1)
x->ex_flags |= EXFLAG_INVALID_POLICY;
policy_data_free(data);
+ just_cleanup:
sk_POLICYINFO_pop_free(policies, POLICYINFO_free);
if (ret <= 0) {
sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
if (x->policy_cache != NULL)
return 1;
cache = OPENSSL_malloc(sizeof(*cache));
- if (cache == NULL)
+ if (cache == NULL) {
+ X509V3err(X509V3_F_POLICY_CACHE_NEW, ERR_R_MALLOC_FAILURE);
return 0;
+ }
cache->anyPolicy = NULL;
cache->data = NULL;
cache->any_skip = -1;