diff options
| author | Philip Guenther <guenther@cvs.openbsd.org> | 2014-07-22 06:55:23 +0000 |
|---|---|---|
| committer | Philip Guenther <guenther@cvs.openbsd.org> | 2014-07-22 06:55:23 +0000 |
| commit | d47cb3a988de02d8b3fc1ac5c2f3400b346631dd (patch) | |
| tree | 755f9ff97ec2884042d0db9bf4e159f642d76f0d | |
| parent | 2e02df04f39c597fbb781831fcda02442fe82e6c (diff) | |
Handle failure of NETSCAPE_SPKI_b64_encode() and don't leak memory
when BIO_new_{file,fp}() fails.
inspired by a diff from logan@ ok miod@
| -rw-r--r-- | lib/libssl/src/apps/spkac.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/lib/libssl/src/apps/spkac.c b/lib/libssl/src/apps/spkac.c index 3eef33061d2..b13a83d0970 100644 --- a/lib/libssl/src/apps/spkac.c +++ b/lib/libssl/src/apps/spkac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: spkac.c,v 1.21 2014/07/14 00:35:10 deraadt Exp $ */ +/* $OpenBSD: spkac.c,v 1.22 2014/07/22 06:55:22 guenther Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. Based on an original idea by Massimiliano Pala * (madwolf@openca.org). @@ -190,21 +190,25 @@ bad: NETSCAPE_SPKI_set_pubkey(spki, pkey); NETSCAPE_SPKI_sign(spki, pkey, EVP_md5()); spkstr = NETSCAPE_SPKI_b64_encode(spki); + if (spkstr == NULL) { + BIO_printf(bio_err, "Error encoding SPKAC\n"); + ERR_print_errors(bio_err); + goto end; + } if (outfile) out = BIO_new_file(outfile, "w"); - else { + else out = BIO_new_fp(stdout, BIO_NOCLOSE); - } if (!out) { BIO_printf(bio_err, "Error opening output file\n"); ERR_print_errors(bio_err); - goto end; + } else { + BIO_printf(out, "SPKAC=%s\n", spkstr); + ret = 0; } - BIO_printf(out, "SPKAC=%s\n", spkstr); free(spkstr); - ret = 0; goto end; } if (infile) |