git.openssl.org Git - openssl.git/commit

author	Neil Horman <nhorman@openssl.org>
	Tue, 2 Jan 2024 20:48:00 +0000 (15:48 -0500)
committer	Neil Horman <nhorman@openssl.org>
	Fri, 5 Jan 2024 19:01:13 +0000 (14:01 -0500)
commit	a693d69cd8b4b88a81f3e8174dcf90bbed4cbb53
tree	03fc5074f65da686504f3de3bf95253637d1f2bf	tree \| snapshot
parent	7043f6924a80f3f6f137f680aae4c968d03f3ba3	commit \| diff

Validate config options during x509 extension creation

There are several points during x509 extension creation which rely on
configuration options which may have been incorrectly parsed due to
invalid settings. Preform a value check for null in those locations to
avoid various crashes/undefined behaviors

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23183)

(cherry picked from commit bac7e687d71b124b09ad6ad3e15be9b38c08a1ba)

crypto/x509/v3_addr.c		diff \| blob \| history
crypto/x509/v3_asid.c		diff \| blob \| history
crypto/x509/v3_crld.c		diff \| blob \| history
crypto/x509/v3_ist.c		diff \| blob \| history
test/invalid-x509.cnf	[new file with mode: 0644]	blob
test/recipes/25-test_x509.t		diff \| blob \| history