projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Complete synchronization of aes-x86_64 with aes-586.
[openssl.git] / crypto / x509v3 / v3_cpols.c
diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index 9784b1421ace7ceaadc9e38fadd74f72cdc12818..a40f490aa904ac62abb2f2304e21f0b3de0f972d 100644 (file)
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -77,7 +77,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
                                        STACK_OF(CONF_VALUE) *unot, int ia5org);
 static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos);
 
-X509V3_EXT_METHOD v3_cpols = {
+const X509V3_EXT_METHOD v3_cpols = {
 NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES),
 0,0,0,0,
 0,0,
@@ -139,7 +139,15 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
        CONF_VALUE *cnf;
        int i, ia5org;
        pols = sk_POLICYINFO_new_null();
+       if (pols == NULL) {
+               X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
+               return NULL;
+       }
        vals =  X509V3_parse_list(value);
+       if (vals == NULL) {
+               X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB);
+               goto err;
+       }
        ia5org = 0;
        for(i = 0; i < sk_CONF_VALUE_num(vals); i++) {
                cnf = sk_CONF_VALUE_value(vals, i);
@@ -178,6 +186,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
        sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
        return pols;
        err:
+       sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
        sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
        return NULL;
 }
Unnamed repository; edit this file 'description' to name the repository.