do_dirname: Don't change gen on failures

It would set gen->d.dirn to a freed pointer in case X509V3_NAME_from_section failed. Reviewed-by: N Rich Salz <rsalz@openssl.org>

do_dirname: Don't change gen on failures
It would set gen->d.dirn to a freed pointer in case X509V3_NAME_from_section failed. Reviewed-by: N Rich Salz <rsalz@openssl.org>
8ec5c5dd · Kurt Roeckx · f49baeff · 8ec5c5dd
隐藏空白更改
内联并排

Showing with 10 addition and 8 deletion

crypto/x509v3/v3_alt.c crypto/x509v3/v3_alt.c +10 -8

未找到文件。
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -586,24 +586,26 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)

 static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
 {
-    int ret;
-    STACK_OF(CONF_VALUE) *sk;
-    X509_NAME *nm;
+    int ret = 0;
+    STACK_OF(CONF_VALUE) *sk = NULL;
+    X509_NAME *nm = NULL;
    if (!(nm = X509_NAME_new()))
-        return 0;
+        goto err;
    sk = X509V3_get_section(ctx, value);
    if (!sk) {
        X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND);
        ERR_add_error_data(2, "section=", value);
-        X509_NAME_free(nm);
-        return 0;
+        goto err;
    }
    /* FIXME: should allow other character types... */
    ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
    if (!ret)
-        X509_NAME_free(nm);
+        goto err;
    gen->d.dirn = nm;
-    X509V3_section_free(ctx, sk);

+err:
+    if (ret == 0)
+        X509_NAME_free(nm);
+    X509V3_section_free(ctx, sk);
    return ret;
 }