diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2002-05-19 16:31:10 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2002-05-19 16:31:10 +0000 |
commit | eee6c81af8d1e1f535451f99d9df1778f0774f1f (patch) | |
tree | 6eea58d74094f43c36b09b7bd726284bcddc1981 /apps/ca.c | |
parent | b89670ef0e007dbb1dc84388bf9f47372c9f1087 (diff) | |
download | openssl-eee6c81af8d1e1f535451f99d9df1778f0774f1f.tar.gz |
Reorganise -subj option code, fix buffer overrun.
Diffstat (limited to 'apps/ca.c')
-rw-r--r-- | apps/ca.c | 49 |
1 files changed, 24 insertions, 25 deletions
@@ -238,7 +238,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, int verbose, X509_REQ *req, char *ext_sect, CONF *conf, unsigned long certopt, unsigned long nameopt, int default_op, int ext_copy); -static X509_NAME *do_subject(char *subject); static int do_revoke(X509 *x509, TXT_DB *db, int ext, char *extval); static int get_certificate_status(const char *ser_status, TXT_DB *db); static int do_updatedb(TXT_DB *db); @@ -1879,7 +1878,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, if (subj) { - X509_NAME *n = do_subject(subj); + X509_NAME *n = do_subject(subj, MBSTRING_ASC); if (!n) { @@ -3027,13 +3026,13 @@ int make_revoked(X509_REVOKED *rev, char *str) * subject is expected to be in the format /type0=value0/type1=value1/type2=... * where characters may be escaped by \ */ -static X509_NAME *do_subject(char *subject) +X509_NAME *do_subject(char *subject, long chtype) { - size_t buflen = strlen (subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */ - char *buf = malloc (buflen); + size_t buflen = strlen(subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */ + char *buf = OPENSSL_malloc(buflen); size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */ - char **ne_types = malloc (max_ne * sizeof (char *)); - char **ne_values = malloc (max_ne * sizeof (char *)); + char **ne_types = OPENSSL_malloc(max_ne * sizeof (char *)); + char **ne_values = OPENSSL_malloc(max_ne * sizeof (char *)); char *sp = subject, *bp = buf; int i, ne_num = 0; @@ -3044,13 +3043,13 @@ static X509_NAME *do_subject(char *subject) if (!buf || !ne_types || !ne_values) { BIO_printf(bio_err, "malloc error\n"); - goto error0; + goto error; } if (*subject != '/') { BIO_printf(bio_err, "Subject does not start with '/'.\n"); - goto error0; + goto error; } sp++; /* skip leading / */ @@ -3066,7 +3065,7 @@ static X509_NAME *do_subject(char *subject) else { BIO_printf(bio_err, "escape character at end of string\n"); - goto error0; + goto error; } else if (*sp == '=') { @@ -3080,7 +3079,7 @@ static X509_NAME *do_subject(char *subject) if (!*sp) { BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num); - goto error0; + goto error; } ne_values[ne_num] = bp; while (*sp) @@ -3091,12 +3090,11 @@ static X509_NAME *do_subject(char *subject) else { BIO_printf(bio_err, "escape character at end of string\n"); - goto error0; + goto error; } else if (*sp == '/') { sp++; - *bp++ = '\0'; break; } else @@ -3107,7 +3105,7 @@ static X509_NAME *do_subject(char *subject) } if (!(n = X509_NAME_new())) - goto error0; + goto error; for (i = 0; i < ne_num; i++) { @@ -3123,25 +3121,26 @@ static X509_NAME *do_subject(char *subject) continue; } - if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC, (unsigned char*)ne_values[i], -1,-1,0)) - goto error1; + if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1,-1,0)) + goto error; } - free (ne_values); - free (ne_types); - free (buf); + OPENSSL_free(ne_values); + OPENSSL_free(ne_types); + OPENSSL_free(buf); return n; -error1: +error: X509_NAME_free(n); -error0: - free (ne_values); - free (ne_types); - free (buf); + if (ne_values) + OPENSSL_free(ne_values); + if (ne_types) + OPENSSL_free(ne_types); + if (buf) + OPENSSL_free(buf); return NULL; } - int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str) { char buf[25],*pbuf, *p; |