[openssl.org #2090] [patch] NULL-pointer handling in asn1_multi()

Martin Kaiser via RT Tue, 03 Nov 2009 00:38:10 -0800

Dear all,

another case where NULL should be handled is asn1_multi(). It looks like


   sk = sk_ASN1_TYPE_new_null();
   [...]
         sk_ASN1_TYPE_push(sk, typ);
 
sk_ASN1_TYPE_push() is defined as sk_push(), which dereferences sk. A
simple patch is attached.

Best regards,

   Martin

diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c
index ec18cbf..60898b9 100644
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@@ -452,6 +452,8 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
 	int derlen;
 	int i;
 	sk = sk_ASN1_TYPE_new_null();
+	if (!sk)
+		goto bad;
 	if (section)
 		{
 		if (!cnf)

[openssl.org #2090] [patch] NULL-pointer handling in asn1_multi()

Reply via email to