diff options
author | Richard Levitte <levitte@openssl.org> | 2018-05-17 09:53:14 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2018-05-20 09:48:58 +0200 |
commit | c1c1783d45a5e91951e6328a820939d0256c841c (patch) | |
tree | ca4dbeb0f18d205dfb3f67871bc56f038a81cb4e | |
parent | f3021aca4a154c2ff9bd0030f7974eb6a719550d (diff) | |
download | openssl-c1c1783d45a5e91951e6328a820939d0256c841c.tar.gz |
Restore check of |*xn| against |name| in X509_NAME_set
A previous change of this function introduced a fragility when the
destination happens to be the same as the source. Such alias isn't
recommended, but could still happen, for example in this kind of code:
X509_NAME *subject = X509_get_issuer_name(x);
/* ... some code passes ... */
X509_set_issuer_name(x, subject);
Fixes #4710
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6280)
-rw-r--r-- | crypto/x509/x_name.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c index aec34598c0..a1e9bbdb66 100644 --- a/crypto/x509/x_name.c +++ b/crypto/x509/x_name.c @@ -481,6 +481,8 @@ static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname, int X509_NAME_set(X509_NAME **xn, X509_NAME *name) { + if (*xn == name) + return *xn != NULL; if ((name = X509_NAME_dup(name)) == NULL) return 0; X509_NAME_free(*xn); |