Commit
ffb46830e2df introduced the 'rand_serial' option. When it is used,
the 'serialfile' does not get initialized, i.e. it remains a NULL pointer.
This causes a crash when the NULL pointer is passed to the rotate_serial()
call.
This commit fixes the crash and unifies the NULL pointer checks made before
calling the rotate_serial() and save_serial() functions.
Fixes #7412
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7417)
(cherry picked from commit
aeec793b4bee929cef8ae35ec4b5a783a6e1d7ed)
BIO_printf(bio_err, "Write out database with %d new entries\n",
sk_X509_num(cert_sk));
BIO_printf(bio_err, "Write out database with %d new entries\n",
sk_X509_num(cert_sk));
&& !save_serial(serialfile, "new", serial, NULL))
goto end;
&& !save_serial(serialfile, "new", serial, NULL))
goto end;
if (sk_X509_num(cert_sk)) {
/* Rename the database and the serial file */
if (sk_X509_num(cert_sk)) {
/* Rename the database and the serial file */
- if (!rotate_serial(serialfile, "new", "old"))
+ if (serialfile != NULL
+ && !rotate_serial(serialfile, "new", "old"))
goto end;
if (!rotate_index(dbfile, "new", "old"))
goto end;
if (!rotate_index(dbfile, "new", "old"))
}
/* we have a CRL number that need updating */
}
/* we have a CRL number that need updating */
- if (crlnumberfile != NULL)
- if (!rand_ser
- && !save_serial(crlnumberfile, "new", crlnumber, NULL))
- goto end;
+ if (crlnumberfile != NULL
+ && !save_serial(crlnumberfile, "new", crlnumber, NULL))
+ goto end;
BN_free(crlnumber);
crlnumber = NULL;
BN_free(crlnumber);
crlnumber = NULL;
PEM_write_bio_X509_CRL(Sout, crl);
PEM_write_bio_X509_CRL(Sout, crl);
- if (crlnumberfile != NULL) /* Rename the crlnumber file */
- if (!rotate_serial(crlnumberfile, "new", "old"))
- goto end;
+ /* Rename the crlnumber file */
+ if (crlnumberfile != NULL
+ && !rotate_serial(crlnumberfile, "new", "old"))
+ goto end;
}
/*****************************************************************/
}
/*****************************************************************/
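Review bot: The new `serialfile != NULL` guard in front of rotate_serial() depends on an invariant that is not visible at the call site: per the commit message, serialfile is left NULL only when rand_serial is in use. A short comment above the check, for example `/* serialfile is NULL when rand_serial is used: nothing to rotate */`, would make it less likely that a later cleanup drops the test and reintroduces the NULL dereference. Separately, the rewritten crlnumberfile save no longer tests `rand_ser`, so the CRL number is now written regardless of that option. That looks intended, since the crlnumber rotate_serial() further down was never conditional on it, but the description does not mention this behaviour change, and it deserves a regression test that issues a certificate and a CRL with rand_serial enabled. The enclosing function starts and ends outside the lines shown, so how serialfile and crlnumberfile are assigned could not be checked here.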