authorMatt Caswell <matt@openssl.org>2017-06-21 15:56:36 +0100
committerMatt Caswell <matt@openssl.org>2017-08-21 08:44:44 +0100
commit24664a3bf56c9372d4b358c1c90cacaba8fb4c14 (patch)
tree67d1c86a24d0f99cdfcce0f8becd408d7b850f69
parentfb7621cb4bea395566b8c1d301f1b2978abdfde5 (diff)
Remove OPENSSL_assert() from crypto/x509
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
-rw-r--r--crypto/x509/x509_vfy.c31
-rw-r--r--crypto/x509/x_x509.c3
2 files changed, 29 insertions, 5 deletions
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 70ce606522..af96418e85 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -2843,7 +2843,11 @@ static int build_chain(X509_STORE_CTX *ctx)
int i;
/* Our chain starts with a single untrusted element. */
- OPENSSL_assert(num == 1 && ctx->num_untrusted == num);
+ if (!ossl_assert(num == 1 && ctx->num_untrusted == num)) {
+ X509err(X509_F_BUILD_CHAIN, ERR_R_INTERNAL_ERROR);
+ ctx->error = X509_V_ERR_UNSPECIFIED;
+ return 0;
+ }
#define S_DOUNTRUSTED (1 << 0) /* Search untrusted chain */
#define S_DOTRUSTED (1 << 1) /* Search trusted store */
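Review bot: The new failure branch at the top of build_chain has no comment saying when it can run, which matters to anyone reasoning about how verification fails. As ossl_assert is defined in OpenSSL's internal headers (not shown on this page), a debug build still aborts on a false condition, so this branch is the release-build behaviour: the chain is rejected with `X509_V_ERR_UNSPECIFIED` instead of the process being terminated. I would add `/* Should not happen; in non-debug builds fail verification rather than abort */` above the `if`, and the same applies to the three later checks in this function. The function body continues outside the hunk, so I cannot confirm from here that nothing acquired earlier needs releasing before the `return 0`.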
@@ -2980,7 +2984,14 @@ static int build_chain(X509_STORE_CTX *ctx)
* certificate among the ones from the trust store.
*/
if ((search & S_DOALTERNATE) != 0) {
- OPENSSL_assert(num > i && i > 0 && ss == 0);
+ if (!ossl_assert(num > i && i > 0 && ss == 0)) {
+ X509err(X509_F_BUILD_CHAIN, ERR_R_INTERNAL_ERROR);
+ X509_free(xtmp);
+ trust = X509_TRUST_REJECTED;
+ ctx->error = X509_V_ERR_UNSPECIFIED;
+ search = 0;
+ continue;
+ }
search &= ~S_DOALTERNATE;
for (; num > i; --num)
X509_free(sk_X509_pop(ctx->chain));
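Review bot: This is the only one of the four new failure branches in build_chain that calls `X509_free(xtmp)`, and the hunk does not show why. Presumably xtmp still holds a reference from the trust-store lookup that has not yet been handed to ctx->chain at this point, whereas in the later branches it has; that is inferred, since the lookup and the push are outside the hunk. A short comment such as `/* xtmp is not yet owned by ctx->chain; drop our reference */` would keep a later edit from removing the free (a leak) or copying it into the other branches (a double free).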
@@ -3043,7 +3054,13 @@ static int build_chain(X509_STORE_CTX *ctx)
* certificate with ctx->num_untrusted <= num.
*/
if (ok) {
- OPENSSL_assert(ctx->num_untrusted <= num);
+ if (!ossl_assert(ctx->num_untrusted <= num)) {
+ X509err(X509_F_BUILD_CHAIN, ERR_R_INTERNAL_ERROR);
+ trust = X509_TRUST_REJECTED;
+ ctx->error = X509_V_ERR_UNSPECIFIED;
+ search = 0;
+ continue;
+ }
search &= ~S_DOUNTRUSTED;
switch (trust = check_trust(ctx, num)) {
case X509_TRUST_TRUSTED:
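Review bot: The failure branch under `if (ok)` writes `ctx->error` directly and leaves the loop without touching `ctx->error_depth` or `ctx->current_cert`, and no verify callback is invoked in the visible lines. An application that reports the depth or certificate after a failed verification may therefore see values left over from an earlier step, paired with `X509_V_ERR_UNSPECIFIED`. If that is intended for internal errors, say so in a comment, e.g. `/* internal error: no callback, depth and current_cert are not updated */`. The branch after `num = sk_X509_num(ctx->chain)` in the next hunk has the same shape. What happens once the loop exits is outside the hunk.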
@@ -3082,7 +3099,13 @@ static int build_chain(X509_STORE_CTX *ctx)
*/
if ((search & S_DOUNTRUSTED) != 0) {
num = sk_X509_num(ctx->chain);
- OPENSSL_assert(num == ctx->num_untrusted);
+ if (!ossl_assert(num == ctx->num_untrusted)) {
+ X509err(X509_F_BUILD_CHAIN, ERR_R_INTERNAL_ERROR);
+ trust = X509_TRUST_REJECTED;
+ ctx->error = X509_V_ERR_UNSPECIFIED;
+ search = 0;
+ continue;
+ }
x = sk_X509_value(ctx->chain, num-1);
/*
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index 6783fd8728..b45944851d 100644
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -145,7 +145,8 @@ static int i2d_x509_aux_internal(X509 *a, unsigned char **pp)
int length, tmplen;
unsigned char *start = pp != NULL ? *pp : NULL;
- OPENSSL_assert(pp == NULL || *pp != NULL);
+ if (!ossl_assert(pp == NULL || *pp != NULL))
+ return -1;
/*
* This might perturb *pp on error, but fixing that belongs in i2d_X509()
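Review bot: Unlike the x509_vfy.c branches in this commit, the new `return -1` in i2d_x509_aux_internal puts nothing on the error queue, so a release-build caller gets a bare failure with no indication that `*pp` was NULL. I would raise an error before returning, along the lines of `X509err(<function code for i2d_x509_aux_internal>, ERR_R_INTERNAL_ERROR);`, where the function code is a placeholder because none is visible on this page. The rest of the function is outside the hunk, so whether its other failure returns raise errors cannot be checked from here.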