diff options
author | Ted Unangst <tedu@cvs.openbsd.org> | 2014-06-19 21:24:36 +0000 |
---|---|---|
committer | Ted Unangst <tedu@cvs.openbsd.org> | 2014-06-19 21:24:36 +0000 |
commit | c8875cb7bb9304fbf8bd2c94eb5317b846932b68 (patch) | |
tree | fd15825e84d9a4b09bbc616b0431f0c56e229a1a /lib | |
parent | a811001a115b937d2c98ecc3868271ed64e3b4f9 (diff) |
check stack push return and make some effort to clean up. ok beck miod
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libcrypto/x509/x509_vfy.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c index eac2e99fd18..4a485fc4847 100644 --- a/lib/libcrypto/x509/x509_vfy.c +++ b/lib/libcrypto/x509/x509_vfy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.c,v 1.27 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: x509_vfy.c,v 1.28 2014/06/19 21:24:35 tedu Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -313,7 +313,11 @@ X509_verify_cert(X509_STORE_CTX *ctx) ctx->current_cert = x; } else { - sk_X509_push(ctx->chain, chain_ss); + if (!sk_X509_push(ctx->chain, chain_ss)) { + X509_free(chain_ss); + X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE); + return 0; + } num++; ctx->last_untrusted = num; ctx->current_cert = chain_ss; |