Oops, s can be NULL

[oweals/openssl.git] / crypto / x509 / x509_cmp.c

diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index ee234b04ad1689ba6eebf3379460cafd8fa1cc67..2e444f28483e0f5b960249bd35d0f8b7b31b504a 100644 (file)
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -173,16 +173,16 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
        {
        int ret;
 
-       /* Ensure canonical encoding is present */
+       /* Ensure canonical encoding is present and up to date */
 
-       if (!a->canon_enc)
+       if (!a->canon_enc || a->modified)
                {
                ret = i2d_X509_NAME((X509_NAME *)a, NULL);
                if (ret < 0)
                        return -2;
                }
 
-       if (!b->canon_enc)
+       if (!b->canon_enc || b->modified)
                {
                ret = i2d_X509_NAME((X509_NAME *)b, NULL);
                if (ret < 0)
@@ -201,7 +201,7 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
 unsigned long X509_NAME_hash(X509_NAME *x)
        {
        unsigned long ret=0;
-       unsigned char md[16];
+       unsigned char md[SHA_DIGEST_LENGTH];
 
        /* Make sure X509_NAME structure contains valid cached encoding */
        i2d_X509_NAME(x,NULL);