Ensure we check i2d_X509 return val

The i2d_X509() function can return a negative value on error. Therefore we should make sure we check it. Issue reported by Yuan Jochen Kang. Reviewed-by: Emilia Käsper <emilia@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-04-25 17:05:55 +0200
committer: Matt Caswell <matt@openssl.org> 2016-04-26 15:29:54 +0200
commit: 446ba8de9af9aa4fa3debc7c76a38f4efed47a62 (patch)
tree: 6434077e6c163594ba42ff1302619fd2dfb004f3 /crypto/x509/x_x509.c
parent: *.der files are binary. (diff)
download: openssl-446ba8de9af9aa4fa3debc7c76a38f4efed47a62.tar.xz
openssl-446ba8de9af9aa4fa3debc7c76a38f4efed47a62.zip
1 files changed, 12 insertions, 3 deletions
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index 34639555ba..22a7e5922d 100644
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -182,10 +182,19 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
 
 int i2d_X509_AUX(X509 *a, unsigned char **pp)
 {
-    int length;
+    int length, tmplen;
+    unsigned char *start = *pp;
     length = i2d_X509(a, pp);
-    if (a)
-        length += i2d_X509_CERT_AUX(a->aux, pp);
+    if (length < 0 || a == NULL)
+        return length;
+
+    tmplen = i2d_X509_CERT_AUX(a->aux, pp);
+    if (tmplen < 0) {
+        *pp = start;
+        return tmplen;
+    }
+    length += tmplen;
+
     return length;
 }
author	Matt Caswell <matt@openssl.org>	2016-04-25 17:05:55 +0200
committer	Matt Caswell <matt@openssl.org>	2016-04-26 15:29:54 +0200
commit	446ba8de9af9aa4fa3debc7c76a38f4efed47a62 (patch)
tree	6434077e6c163594ba42ff1302619fd2dfb004f3 /crypto/x509/x_x509.c
parent	*.der files are binary. (diff)
download	openssl-446ba8de9af9aa4fa3debc7c76a38f4efed47a62.tar.xz openssl-446ba8de9af9aa4fa3debc7c76a38f4efed47a62.zip