summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2003-01-24 02:12:01 +0100
committerDr. Stephen Henson <steve@openssl.org>2003-01-24 02:12:01 +0100
commitd3b5cb5343afa4e4ae64bee4621171e6b00aaa21 (patch)
tree308f89977f30d1eddebf02c5c596c515db47e0ef
parentWorkaround for lame compiler bug introduced in "CPU pack" for MSVC6SP5. (diff)
downloadopenssl-d3b5cb5343afa4e4ae64bee4621171e6b00aaa21.tar.xz
openssl-d3b5cb5343afa4e4ae64bee4621171e6b00aaa21.zip
Check return value of gmtime() and add error codes
where it fails in ASN1_TIME_set(). Edit asn1.h so the new error code is the same in 0.9.7 and 0.9.8, rebuild new error codes. Clear error queue in req.c if *_min or *_max is absent.
-rw-r--r--CHANGES4
-rw-r--r--apps/req.c6
-rw-r--r--crypto/asn1/a_time.c3
-rw-r--r--crypto/asn1/asn1.h61
-rw-r--r--crypto/asn1/asn1_err.c3
-rw-r--r--crypto/o_time.c3
6 files changed, 48 insertions, 32 deletions
diff --git a/CHANGES b/CHANGES
index 2fd057c41e..aa9a7ae8d1 100644
--- a/CHANGES
+++ b/CHANGES
@@ -381,6 +381,10 @@ TODO: bug: pad x with leading zeros if necessary
Changes between 0.9.7 and 0.9.7a [XX xxx 2003]
+ *) Under Win32 gmtime() can return NULL: check return value in
+ OPENSSL_gmtime(). Add error code for case where gmtime() fails.
+ [Steve Henson]
+
*) DSA routines: under certain error conditions uninitialized BN objects
could be freed. Solution: make sure initialization is performed early
enough. (Reported and fix supplied by Ivan D Nestlerode <nestler@MIT.EDU>,
diff --git a/apps/req.c b/apps/req.c
index 4fa5ae6fe8..3612114980 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1318,11 +1318,17 @@ start: for (;;)
sprintf(buf,"%s_min",v->name);
if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min))
+ {
+ ERR_clear_error();
n_min = -1;
+ }
sprintf(buf,"%s_max",v->name);
if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max))
+ {
+ ERR_clear_error();
n_max = -1;
+ }
if (!add_DN_object(subj,v->value,def,value,nid,
n_min,n_max, chtype))
diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c
index 3a03c9e4e4..7348da9457 100644
--- a/crypto/asn1/a_time.c
+++ b/crypto/asn1/a_time.c
@@ -105,7 +105,10 @@ ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
ts=OPENSSL_gmtime(&t,&data);
if (ts == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_TIME_SET, ASN1_R_ERROR_GETTING_TIME);
return NULL;
+ }
if((ts->tm_year >= 50) && (ts->tm_year < 150))
return ASN1_UTCTIME_set(s, t);
return ASN1_GENERALIZEDTIME_set(s,t);
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 460e0eb6e7..0eb97fa62e 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -965,8 +965,8 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_A2I_ASN1_ENUMERATED 101
#define ASN1_F_A2I_ASN1_INTEGER 102
#define ASN1_F_A2I_ASN1_STRING 103
-#define ASN1_F_APPEND_TAG 177
-#define ASN1_F_ASN1_CB 178
+#define ASN1_F_APPEND_TAG 176
+#define ASN1_F_ASN1_CB 177
#define ASN1_F_ASN1_CHECK_TLEN 104
#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
#define ASN1_F_ASN1_COLLECT 106
@@ -977,7 +977,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_DUP 111
#define ASN1_F_ASN1_ENUMERATED_SET 112
#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
-#define ASN1_F_ASN1_GENERATE_V3 182
+#define ASN1_F_ASN1_GENERATE_V3 178
#define ASN1_F_ASN1_GET_OBJECT 114
#define ASN1_F_ASN1_HEADER_NEW 115
#define ASN1_F_ASN1_I2D_BIO 116
@@ -999,6 +999,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_TEMPLATE_D2I 131
#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
#define ASN1_F_ASN1_TEMPLATE_NEW 133
+#define ASN1_F_ASN1_TIME_SET 175
#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
#define ASN1_F_ASN1_UNPACK_STRING 136
@@ -1028,15 +1029,14 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_D2I_X509_PKEY 159
#define ASN1_F_I2D_ASN1_TIME 160
#define ASN1_F_I2D_DSA_PUBKEY 161
-#define ASN1_F_I2D_ECDSA_PUBKEY 174
-#define ASN1_F_I2D_EC_PUBKEY 176
+#define ASN1_F_I2D_EC_PUBKEY 181
#define ASN1_F_I2D_NETSCAPE_RSA 162
#define ASN1_F_I2D_PRIVATEKEY 163
#define ASN1_F_I2D_PUBLICKEY 164
#define ASN1_F_I2D_RSA_PUBKEY 165
#define ASN1_F_LONG_C2I 166
-#define ASN1_F_OID_MODULE_INIT 175
-#define ASN1_F_PARSE_TAGGING 181
+#define ASN1_F_OID_MODULE_INIT 174
+#define ASN1_F_PARSE_TAGGING 182
#define ASN1_F_PKCS5_PBE2_SET 167
#define ASN1_F_X509_CINF_NEW 168
#define ASN1_F_X509_CRL_ADD0_REVOKED 169
@@ -1059,8 +1059,9 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_DATA_IS_WRONG 109
#define ASN1_R_DECODE_ERROR 110
#define ASN1_R_DECODING_ERROR 111
-#define ASN1_R_DEPTH_EXCEEDED 173
+#define ASN1_R_DEPTH_EXCEEDED 174
#define ASN1_R_ENCODE_ERROR 112
+#define ASN1_R_ERROR_GETTING_TIME 173
#define ASN1_R_ERROR_LOADING_SECTION 172
#define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
@@ -1073,57 +1074,57 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_FIELD_MISSING 121
#define ASN1_R_FIRST_NUM_TOO_LARGE 122
#define ASN1_R_HEADER_TOO_LONG 123
-#define ASN1_R_ILLEGAL_BITSTRING_FORMAT 174
-#define ASN1_R_ILLEGAL_BOOLEAN 175
+#define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
+#define ASN1_R_ILLEGAL_BOOLEAN 176
#define ASN1_R_ILLEGAL_CHARACTERS 124
-#define ASN1_R_ILLEGAL_FORMAT 176
-#define ASN1_R_ILLEGAL_HEX 177
-#define ASN1_R_ILLEGAL_IMPLICIT_TAG 178
-#define ASN1_R_ILLEGAL_INTEGER 179
-#define ASN1_R_ILLEGAL_NESTED_TAGGING 180
+#define ASN1_R_ILLEGAL_FORMAT 177
+#define ASN1_R_ILLEGAL_HEX 178
+#define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
+#define ASN1_R_ILLEGAL_INTEGER 180
+#define ASN1_R_ILLEGAL_NESTED_TAGGING 181
#define ASN1_R_ILLEGAL_NULL 125
-#define ASN1_R_ILLEGAL_NULL_VALUE 181
-#define ASN1_R_ILLEGAL_OBJECT 182
+#define ASN1_R_ILLEGAL_NULL_VALUE 182
+#define ASN1_R_ILLEGAL_OBJECT 183
#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
#define ASN1_R_ILLEGAL_TAGGED_ANY 127
-#define ASN1_R_ILLEGAL_TIME_VALUE 183
-#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 184
+#define ASN1_R_ILLEGAL_TIME_VALUE 184
+#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
#define ASN1_R_INVALID_DIGIT 130
-#define ASN1_R_INVALID_MODIFIER 185
-#define ASN1_R_INVALID_NUMBER 186
+#define ASN1_R_INVALID_MODIFIER 186
+#define ASN1_R_INVALID_NUMBER 187
#define ASN1_R_INVALID_SEPARATOR 131
#define ASN1_R_INVALID_TIME_FORMAT 132
#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
#define ASN1_R_INVALID_UTF8STRING 134
#define ASN1_R_IV_TOO_LARGE 135
#define ASN1_R_LENGTH_ERROR 136
-#define ASN1_R_LIST_ERROR 187
+#define ASN1_R_LIST_ERROR 188
#define ASN1_R_MISSING_EOC 137
#define ASN1_R_MISSING_SECOND_NUMBER 138
-#define ASN1_R_MISSING_VALUE 188
+#define ASN1_R_MISSING_VALUE 189
#define ASN1_R_MSTRING_NOT_UNIVERSAL 139
#define ASN1_R_MSTRING_WRONG_TAG 140
#define ASN1_R_NON_HEX_CHARACTERS 141
-#define ASN1_R_NOT_ASCII_FORMAT 189
+#define ASN1_R_NOT_ASCII_FORMAT 190
#define ASN1_R_NOT_ENOUGH_DATA 142
#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
#define ASN1_R_NULL_IS_WRONG_LENGTH 144
-#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 190
+#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
#define ASN1_R_ODD_NUMBER_OF_CHARS 145
#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146
#define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
-#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 195
+#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
#define ASN1_R_SHORT_LINE 150
#define ASN1_R_STRING_TOO_LONG 151
#define ASN1_R_STRING_TOO_SHORT 152
#define ASN1_R_TAG_VALUE_TOO_HIGH 153
#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
-#define ASN1_R_TIME_NOT_ASCII_FORMAT 191
+#define ASN1_R_TIME_NOT_ASCII_FORMAT 193
#define ASN1_R_TOO_LONG 155
#define ASN1_R_TYPE_NOT_CONSTRUCTED 156
#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
@@ -1133,13 +1134,13 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
#define ASN1_R_UNKNOWN_OBJECT_TYPE 162
#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
-#define ASN1_R_UNKNOWN_TAG 192
-#define ASN1_R_UNKOWN_FORMAT 193
+#define ASN1_R_UNKNOWN_TAG 194
+#define ASN1_R_UNKOWN_FORMAT 195
#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
#define ASN1_R_UNSUPPORTED_CIPHER 165
#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
-#define ASN1_R_UNSUPPORTED_TYPE 194
+#define ASN1_R_UNSUPPORTED_TYPE 196
#define ASN1_R_WRONG_TAG 168
#define ASN1_R_WRONG_TYPE 169
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index 55aef5e790..d83ed65cdb 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -104,6 +104,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"},
{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0), "ASN1_TEMPLATE_EX_D2I"},
{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0), "ASN1_TEMPLATE_NEW"},
+{ERR_PACK(0,ASN1_F_ASN1_TIME_SET,0), "ASN1_TIME_set"},
{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"},
{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"},
{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"},
@@ -133,7 +134,6 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"},
{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"},
{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"},
-{ERR_PACK(0,ASN1_F_I2D_ECDSA_PUBKEY,0), "I2D_ECDSA_PUBKEY"},
{ERR_PACK(0,ASN1_F_I2D_EC_PUBKEY,0), "i2d_EC_PUBKEY"},
{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"},
{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "i2d_PrivateKey"},
@@ -169,6 +169,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
{ASN1_R_DECODING_ERROR ,"decoding error"},
{ASN1_R_DEPTH_EXCEEDED ,"depth exceeded"},
{ASN1_R_ENCODE_ERROR ,"encode error"},
+{ASN1_R_ERROR_GETTING_TIME ,"error getting time"},
{ASN1_R_ERROR_LOADING_SECTION ,"error loading section"},
{ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"},
{ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"},
diff --git a/crypto/o_time.c b/crypto/o_time.c
index 1bc0297b36..ca5f3ea48e 100644
--- a/crypto/o_time.c
+++ b/crypto/o_time.c
@@ -80,7 +80,8 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
ts = result;
#elif !defined(OPENSSL_SYS_VMS)
ts = gmtime(timer);
- memcpy(result, ts, sizeof(struct tm));
+ if (ts != NULL)
+ memcpy(result, ts, sizeof(struct tm));
ts = result;
#endif
#ifdef OPENSSL_SYS_VMS