On Fri, Jun 02, 2006, Remo Inverardi wrote: > Steve, > > >The only case it would cover is where an application wrongly assumes that > >the > >field must be non-NULL. > > The reason why I thought this should be fixed in OpenSSL rather than in > the application code is the following: the application doesn't actually > do anything 'wrong'. > > It neither accesses structure fields directly, nor does it pass any > invalid arguments to the functions it calls. It simply > > 1) loads an X509_REQ, and > 2) add extensions to it using X509_REQ_add_extensions(). > > If the 'attributes' fields is missing from the request, the call to > X509_REQ_add_extensions() crashes. Therefore, I though fixing the > request while loading might be a proper solution. >
I see. Well that is probably best fixed within X509_REQ_add_extensions() itself by checking to see if the field is NULL and allocating it if necessary. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
