summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorTed Unangst <tedu@cvs.openbsd.org>2014-06-19 21:24:36 +0000
committerTed Unangst <tedu@cvs.openbsd.org>2014-06-19 21:24:36 +0000
commitc8875cb7bb9304fbf8bd2c94eb5317b846932b68 (patch)
treefd15825e84d9a4b09bbc616b0431f0c56e229a1a /lib
parenta811001a115b937d2c98ecc3868271ed64e3b4f9 (diff)
check stack push return and make some effort to clean up. ok beck miod
Diffstat (limited to 'lib')
-rw-r--r--lib/libcrypto/x509/x509_vfy.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c
index eac2e99fd18..4a485fc4847 100644
--- a/lib/libcrypto/x509/x509_vfy.c
+++ b/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.27 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.28 2014/06/19 21:24:35 tedu Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -313,7 +313,11 @@ X509_verify_cert(X509_STORE_CTX *ctx)
ctx->current_cert = x;
} else {
- sk_X509_push(ctx->chain, chain_ss);
+ if (!sk_X509_push(ctx->chain, chain_ss)) {
+ X509_free(chain_ss);
+ X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
num++;
ctx->last_untrusted = num;
ctx->current_cert = chain_ss;