CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2019/04/22 11:10:01
Modified files:
lib/libcrypto/x509v3: v3_akey.c v3_alt.c
Log message:
Avoid potential double frees in i2v_AUTHORITY_KEYID(), i2v_GENERAL_NAME()
and i2v_GENERAL_NAMES() by taking ownership of the extlist only if we
were passed NULL. Otherwise it remains the caller's responsibility to
free it. To do so, we allocate the extlist explicitly instead of using
X509V3_add_value()'s implicit allocation feature. Preserve behavior in
i2v_AUTHORITY_KEYID() by adding an explicit check that something was
pushed onto the stack.
The other i2v_* functions will receive a similar treatment in upcoming
commits.
ok jsing
