RE: [openssl.org #2612] AutoReply: Segfault protection in X509v3 extension API - PATCH

Fri, 23 Sep 2011 02:09:51 -0700 

Please find attached below a revised patch that provides further protection 
against segmentation faults in the X509v3 extension API



Best Regards

Nick



--------------------



diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c

index 3146218..094861e 100755

--- a/crypto/x509v3/v3_prn.c

+++ b/crypto/x509v3/v3_prn.c

@@ -118,7 +118,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, 
unsigned long flag, int inde

                return unknown_ext_print(out, ext, flag, indent, 0);

        p = ext->value->data;

        if(method->it) ext_str = ASN1_item_d2i(NULL, &p, ext->value->length, 
ASN1_ITEM_ptr(method->it));

-       else ext_str = method->d2i(NULL, &p, ext->value->length);

+       else if(method->d2i) ext_str = method->d2i(NULL, &p, 
ext->value->length);



        if(!ext_str) return unknown_ext_print(out, ext, flag, indent, 1);



@@ -158,7 +158,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, 
unsigned long flag, int inde

                sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);

                if(value) OPENSSL_free(value);

                if(method->it) ASN1_item_free(ext_str, 
ASN1_ITEM_ptr(method->it));

-               else method->ext_free(ext_str);

+               else if (method->ext_free) method->ext_free(ext_str);

                return ok;

 }











The details of this company are as follows:

G4S Technology Limited, Registered Office: Challenge House, International 
Drive, Tewkesbury, Gloucestershire GL20 8UQ, Registered in England No. 2382338.



This communication may contain information which is confidential, personal 
and/or privileged.



It is for the exclusive use of the intended recipient(s).

If you are not the intended recipient(s), please note that any distribution, 
forwarding, copying or use of this communication or the information in it is 
strictly prohibited.



Any personal views expressed in this e-mail are those of the individual sender 
and the company does not endorse or accept responsibility for them.



Prior to taking any action based upon this e-mail message, you should seek 
appropriate confirmation of its authenticity.



This e-mail has been scanned for all viruses by MessageLabs.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]

Reply via email to