authorClaudio Jeker <claudio@cvs.openbsd.org>2019-06-20 16:09:16 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2019-06-20 16:09:16 +0000
commit770e714ee8bab02ced4eea6655d924a3aea117f3 (patch)
tree35fcf22bba9636e6eecb0fc38174d68bc9d8f22d
parent90dcf3a26adbc24b26a9bad51a7bdc29e9dee978 (diff)
If x509_get_ski_aki() fails because one of the ski or aki objects is
missing, free the other object but also set the pointer back to NULL so that the caller does not do a double free(). Found with afl by jsg@
-rw-r--r--usr.sbin/rpki-client/x509.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/usr.sbin/rpki-client/x509.c b/usr.sbin/rpki-client/x509.c
index 3efb361bee3..1a7b338a8f7 100644
--- a/usr.sbin/rpki-client/x509.c
+++ b/usr.sbin/rpki-client/x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.c,v 1.6 2019/06/20 15:29:01 claudio Exp $ */
+/* $OpenBSD: x509.c,v 1.7 2019/06/20 16:09:15 claudio Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@@ -79,7 +79,8 @@ x509_get_aki_ext(X509_EXTENSION *ext, const char *fn)
cryptowarnx("%s: RFC 6487 section 4.8.3: AKI: "
"failed ASN.1 sub-sequence parse", fn);
goto out;
- } else if (sk_ASN1_TYPE_num(seq) != 1) {
+ }
+ if (sk_ASN1_TYPE_num(seq) != 1) {
warnx("%s: RFC 6487 section 4.8.3: AKI: "
"want 1 element, have %d", fn, sk_ASN1_TYPE_num(seq));
goto out;
@@ -205,14 +206,16 @@ x509_get_ski_aki(X509 *x, const char *fn, char **ski, char **aki)
cryptowarnx("%s: RFC 6487 section 4.8.3: AKI: "
"missing AKI X509 extension", fn);
free(*ski);
+ *ski = NULL;
return 0;
- } else if (*ski == NULL) {
+ }
+ if (*ski == NULL) {
cryptowarnx("%s: RFC 6487 section 4.8.2: AKI: "
"missing SKI X509 extension", fn);
free(*aki);
+ *aki = NULL;
return 0;
}
- assert(*ski != NULL && *aki != NULL);
return 1;
}
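Review bot: The guarantee this fix establishes, that x509_get_ski_aki() leaves both `*ski` and `*aki` NULL whenever it returns 0, is expressed only by the two added `= NULL` assignments, and nothing visible in the hunk records it as part of the function's contract. Since the commit message says the caller frees these pointers on the error path, a short comment on the function would keep a later edit from reintroducing the dangling pointer, e.g. `/* On failure returns 0 and leaves *ski and *aki NULL, so the caller's cleanup may free() both. */`. The function header and the code that fills the two pointers lie outside the hunk, so check whether an existing comment already covers this. Separately, the SKI branch logs `RFC 6487 section 4.8.2: AKI: missing SKI X509 extension`; the `AKI:` label looks copied from the branch above and would read more clearly as `SKI:` when triaging rejected certificates.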