check return values
authorBodo Möller <bodo@openssl.org>
Wed, 17 Apr 2002 09:31:34 +0000 (09:31 +0000)
committerBodo Möller <bodo@openssl.org>
Wed, 17 Apr 2002 09:31:34 +0000 (09:31 +0000)
Submitted by: Nils Larsch

CHANGES
apps/req.c

diff --git a/CHANGES b/CHANGES
index 6670ed5..10b23de 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1627,6 +1627,9 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
 
  Changes between 0.9.6c and 0.9.6d  [XX xxx 2002]
 
+  *) Check various X509_...() return values in apps/req.c.
+     [Nils Larsch <nla@trustcenter.de>]
+
   *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines:
      an end-of-file condition would erronously be flagged, when the CRLF
      was just at the end of a processed block. The bug was discovered when
index ba2167a..629a604 100644 (file)
@@ -310,7 +310,7 @@ int MAIN(int argc, char **argv)
                                                goto end;
                                                }
 
-                                       dtmp=X509_get_pubkey(xtmp);
+                                       if ((dtmp=X509_get_pubkey(xtmp)) == NULL) goto end;
                                        if (dtmp->type == EVP_PKEY_DSA)
                                                dsa_params=DSAparams_dup(dtmp->pkey.dsa);
                                        EVP_PKEY_free(dtmp);
@@ -350,7 +350,7 @@ int MAIN(int argc, char **argv)
                                                goto end;
                                                }
 
-                                       dtmp=X509_get_pubkey(xtmp);
+                                       if ((dtmp=X509_get_pubkey(xtmp)) == NULL) goto end;
                                        if (dtmp->type == EVP_PKEY_ECDSA)
                                                ecdsa_params = ECDSAParameters_dup(dtmp->pkey.ecdsa);
                                        EVP_PKEY_free(dtmp);
@@ -888,19 +888,20 @@ loop:
                        /* Set version to V3 */
                        if(!X509_set_version(x509ss, 2)) goto end;
                        if (serial)
-                               X509_set_serialNumber(x509ss, serial);
+                               {
+                               if (!X509_set_serialNumber(x509ss, serial)) goto end;
+                               }
                        else
-                               ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L);
-
-                       X509_set_issuer_name(x509ss,
-                               X509_REQ_get_subject_name(req));
-                       X509_gmtime_adj(X509_get_notBefore(x509ss),0);
-                       X509_gmtime_adj(X509_get_notAfter(x509ss),
-                               (long)60*60*24*days);
-                       X509_set_subject_name(x509ss,
-                               X509_REQ_get_subject_name(req));
+                               {
+                               if (!ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L)) goto end;
+                               }
+
+                       if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
+                       if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end;
+                       if (!X509_gmtime_adj(X509_get_notAfter(x509ss), (long)60*60*24*days)) goto end;
+                       if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
                        tmppkey = X509_REQ_get_pubkey(req);
-                       X509_set_pubkey(x509ss,tmppkey);
+                       if (!tmppkey || !X509_set_pubkey(x509ss,tmppkey)) goto end;
                        EVP_PKEY_free(tmppkey);
 
                        /* Set up V3 context struct */
@@ -1202,7 +1203,7 @@ static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int attribs,
                }
        if(!i) goto err;
 
-       X509_REQ_set_pubkey(req,pkey);
+       if (!X509_REQ_set_pubkey(req,pkey)) goto err;
 
        ret=1;
 err: