Sorry I don't show easy solution for repair this bug
/crypto/X509v3/v3_cpols.c in function policy_section() is only need add this
two lines:
if(!pol->qualifiers) pol->qualifiers =
sk_POLICYQUALINFO_new_null();
(they are written few lines above too! (in CSP statement) )
here
static POLICYINFO *policy_section(X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *polstrs, int ia5org)
....
} else if(!name_cmp(cnf->name, "userNotice")) {
STACK_OF(CONF_VALUE) *unot;
+> if(!pol->qualifiers) pol->qualifiers =
+> sk_POLICYQUALINFO_new_null();
if(*cnf->value != '@') {
....
Martin
(RFC 2459 don't say that userNotice must be used only with CPS pointer)
> Hi devs,
> in function policy_section() if first policy qualifier is UserNotice
memory
> isn't allocate for *pol->qualifiers*.
> If first is CPS all is OK.
>
> Martin
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
