summaryrefslogtreecommitdiffstats
path: root/crypto/x509v3/v3_cpols.c
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2003-05-28 19:28:11 +0200
committerDr. Stephen Henson <steve@openssl.org>2003-05-28 19:28:11 +0200
commit60790aff6fc085b76e671ef63d31d6d6dd02355d (patch)
tree069f5e48d5692bb8d542bada3733db2135c6aa90 /crypto/x509v3/v3_cpols.c
parentPR: 631 (diff)
downloadopenssl-60790aff6fc085b76e671ef63d31d6d6dd02355d.tar.xz
openssl-60790aff6fc085b76e671ef63d31d6d6dd02355d.zip
PR: 627
Allocate certificatePolicies correctly if CPS field is absent. Fix various memory leaks in certificatePolicies.
Diffstat (limited to 'crypto/x509v3/v3_cpols.c')
-rw-r--r--crypto/x509v3/v3_cpols.c24
1 files changed, 12 insertions, 12 deletions
diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index 0d4ab1f680..0d554f3a2c 100644
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -73,7 +73,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *polstrs, int ia5org);
static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *unot, int ia5org);
-static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos);
+static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos);
X509V3_EXT_METHOD v3_cpols = {
NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES),
@@ -226,6 +226,8 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
qual = notice_section(ctx, unot, ia5org);
X509V3_section_free(ctx, unot);
if(!qual) goto err;
+ if(!pol->qualifiers) pol->qualifiers =
+ sk_POLICYQUALINFO_new_null();
if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
goto merr;
} else {
@@ -255,7 +257,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *unot, int ia5org)
{
- int i;
+ int i, ret;
CONF_VALUE *cnf;
USERNOTICE *not;
POLICYQUALINFO *qual;
@@ -275,8 +277,8 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
if(!(nref = NOTICEREF_new())) goto merr;
not->noticeref = nref;
} else nref = not->noticeref;
- if(ia5org) nref->organization = M_ASN1_IA5STRING_new();
- else nref->organization = M_ASN1_VISIBLESTRING_new();
+ if(ia5org) nref->organization->type = V_ASN1_IA5STRING;
+ else nref->organization->type = V_ASN1_VISIBLESTRING;
if(!ASN1_STRING_set(nref->organization, cnf->value,
strlen(cnf->value))) goto merr;
} else if(!strcmp(cnf->name, "noticeNumbers")) {
@@ -292,12 +294,12 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
X509V3_conf_err(cnf);
goto err;
}
- nref->noticenos = nref_nos(nos);
+ ret = nref_nos(nref->noticenos, nos);
sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
- if(!nref->noticenos) goto err;
+ if (!ret)
+ goto err;
} else {
X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION);
-
X509V3_conf_err(cnf);
goto err;
}
@@ -319,15 +321,13 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
return NULL;
}
-static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos)
+static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos)
{
- STACK_OF(ASN1_INTEGER) *nnums;
CONF_VALUE *cnf;
ASN1_INTEGER *aint;
int i;
- if(!(nnums = sk_ASN1_INTEGER_new_null())) goto merr;
for(i = 0; i < sk_CONF_VALUE_num(nos); i++) {
cnf = sk_CONF_VALUE_value(nos, i);
if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
@@ -336,14 +336,14 @@ static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos)
}
if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr;
}
- return nnums;
+ return 1;
merr:
X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE);
err:
sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free);
- return NULL;
+ return 0;
}