diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2022-05-20 08:04:22 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2022-05-20 08:04:22 +0000 |
| commit | eb4b75344771dd38eb7b935bb24fb67baedd13f2 (patch) | |
| tree | b8aac87716181cfbcef3f1d509ef6e3d5ab2ca16 /lib/libcrypto/asn1 | |
| parent | ef43f4f183ba084d3215bdd0b4b4646f98399063 (diff) | |
Drop *out == NULL check in ASN1_STRING_to_UTF8()
Unfortunately, several things in the ecosystem depend on the existing
API behavior of being able to pass in an uninitialized pointer on the
stack: haproxy, grpc, mongo-tools and others show up on the first two
pages of Debian codesearch.
ok jsing
Diffstat (limited to 'lib/libcrypto/asn1')
| -rw-r--r-- | lib/libcrypto/asn1/a_string.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/libcrypto/asn1/a_string.c b/lib/libcrypto/asn1/a_string.c index 411c9bc9093..ef36f50c0d4 100644 --- a/lib/libcrypto/asn1/a_string.c +++ b/lib/libcrypto/asn1/a_string.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_string.c,v 1.10 2022/05/16 20:51:26 tb Exp $ */ +/* $OpenBSD: a_string.c,v 1.11 2022/05/20 08:04:21 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -280,7 +280,11 @@ ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in) int mbflag; int ret = -1; - if (out == NULL || *out != NULL) + /* + * XXX We can't fail on *out != NULL here since things like haproxy and + * grpc pass in a pointer to an uninitialized pointer on the stack. + */ + if (out == NULL) goto err; if (in == NULL) |