diff options
| author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2020-01-04 15:54:53 +0100 |
|---|---|---|
| committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2020-03-21 18:46:36 +0100 |
| commit | 7e06a6758bef584deabc9cb4b0d21b3e664b25c9 (patch) | |
| tree | 8c0c5b3fbc427eb8f8b82570d3f88a1fa7032b3b /crypto/pkcs12 | |
| parent | evp_test: the tests using MDC2 need the legacy provider (diff) | |
| download | openssl-7e06a6758bef584deabc9cb4b0d21b3e664b25c9.tar.xz openssl-7e06a6758bef584deabc9cb4b0d21b3e664b25c9.zip | |
Fix error handling in x509v3_cache_extensions and related functions
Basically we use EXFLAG_INVALID for all kinds of out of memory and
all kinds of parse errors in x509v3_cache_extensions.
[extended tests]
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10755)
Diffstat (limited to 'crypto/pkcs12')
| -rw-r--r-- | crypto/pkcs12/p12_crt.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c index 94bd3e1636..0e8b419d0f 100644 --- a/crypto/pkcs12/p12_crt.c +++ b/crypto/pkcs12/p12_crt.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -62,7 +62,8 @@ PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 * if (pkey && cert) { if (!X509_check_private_key(cert, pkey)) return NULL; - X509_digest(cert, EVP_sha1(), keyid, &keyidlen); + if (!X509_digest(cert, EVP_sha1(), keyid, &keyidlen)) + return NULL; } if (cert) { |