X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *nval)
{
- GENERAL_NAMES *gens = NULL;
- CONF_VALUE *cnf;
+ GENERAL_NAMES *gens = sk_GENERAL_NAME_new_null();
+ const int num = sk_CONF_VALUE_num(nval);
int i;
- if ((gens = sk_GENERAL_NAME_new_null()) == NULL) {
+ if (gens == NULL || !sk_GENERAL_NAME_reserve(gens, num)) {
X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE);
+ sk_GENERAL_NAME_free(gens);
return NULL;
}
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
+ for (i = 0; i < num; i++) {
+ CONF_VALUE *cnf = sk_CONF_VALUE_value(nval, i);
+
if (!name_cmp(cnf->name, "issuer")
&& cnf->value && strcmp(cnf->value, "copy") == 0) {
if (!copy_issuer(ctx, gens))
goto err;
} else {
- GENERAL_NAME *gen;
- if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
+ GENERAL_NAME *gen = v2i_GENERAL_NAME(method, ctx, cnf);
+
+ if (gen == NULL)
goto err;
- sk_GENERAL_NAME_push(gens, gen);
+ sk_GENERAL_NAME_push(gens, gen); /* no failure as it was reserved */
}
}
return gens;
GENERAL_NAMES *ialt;
GENERAL_NAME *gen;
X509_EXTENSION *ext;
- int i;
+ int i, num;
if (ctx && (ctx->flags == CTX_TEST))
return 1;
goto err;
}
- for (i = 0; i < sk_GENERAL_NAME_num(ialt); i++) {
+ num = sk_GENERAL_NAME_num(ialt);
+ if (!sk_GENERAL_NAME_reserve(gens, num)) {
+ X509V3err(X509V3_F_COPY_ISSUER, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ for (i = 0; i < num; i++) {
gen = sk_GENERAL_NAME_value(ialt, i);
- if (!sk_GENERAL_NAME_push(gens, gen)) {
- X509V3err(X509V3_F_COPY_ISSUER, ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ sk_GENERAL_NAME_push(gens, gen); /* no failure as it was reserved */
}
sk_GENERAL_NAME_free(ialt);
X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *nval)
{
- GENERAL_NAMES *gens = NULL;
+ GENERAL_NAMES *gens;
CONF_VALUE *cnf;
+ const int num = sk_CONF_VALUE_num(nval);
int i;
- if ((gens = sk_GENERAL_NAME_new_null()) == NULL) {
+ gens = sk_GENERAL_NAME_new_null();
+ if (gens == NULL || !sk_GENERAL_NAME_reserve(gens, num)) {
X509V3err(X509V3_F_V2I_SUBJECT_ALT, ERR_R_MALLOC_FAILURE);
+ sk_GENERAL_NAME_free(gens);
return NULL;
}
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+
+ for (i = 0; i < num; i++) {
cnf = sk_CONF_VALUE_value(nval, i);
if (!name_cmp(cnf->name, "email")
&& cnf->value && strcmp(cnf->value, "copy") == 0) {
GENERAL_NAME *gen;
if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
goto err;
- sk_GENERAL_NAME_push(gens, gen);
+ sk_GENERAL_NAME_push(gens, gen); /* no failure as it was reserved */
}
}
return gens;
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
GENERAL_NAME *gen;
- GENERAL_NAMES *gens = NULL;
+ GENERAL_NAMES *gens;
CONF_VALUE *cnf;
+ const int num = sk_CONF_VALUE_num(nval);
int i;
- if ((gens = sk_GENERAL_NAME_new_null()) == NULL) {
+ gens = sk_GENERAL_NAME_new_null();
+ if (gens == NULL || !sk_GENERAL_NAME_reserve(gens, num)) {
X509V3err(X509V3_F_V2I_GENERAL_NAMES, ERR_R_MALLOC_FAILURE);
+ sk_GENERAL_NAME_free(gens);
return NULL;
}
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+
+ for (i = 0; i < num; i++) {
cnf = sk_CONF_VALUE_value(nval, i);
if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
goto err;
- sk_GENERAL_NAME_push(gens, gen);
+ sk_GENERAL_NAME_push(gens, gen); /* no failure as it was reserved */
}
return gens;
err:
static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, const char *value)
{
- STACK_OF(POLICYINFO) *pols = NULL;
+ STACK_OF(POLICYINFO) *pols;
char *pstr;
POLICYINFO *pol;
ASN1_OBJECT *pobj;
- STACK_OF(CONF_VALUE) *vals;
+ STACK_OF(CONF_VALUE) *vals = X509V3_parse_list(value);
CONF_VALUE *cnf;
+ const int num = sk_CONF_VALUE_num(vals);
int i, ia5org;
- pols = sk_POLICYINFO_new_null();
- if (pols == NULL) {
- X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- vals = X509V3_parse_list(value);
+
if (vals == NULL) {
X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB);
+ return NULL;
+ }
+
+ pols = sk_POLICYINFO_new_null();
+ if (pols == NULL || !sk_POLICYINFO_reserve(pols, num)) {
+ X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
goto err;
}
+
ia5org = 0;
- for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
+ for (i = 0; i < num; i++) {
cnf = sk_CONF_VALUE_value(vals, i);
+
if (cnf->value || !cnf->name) {
X509V3err(X509V3_F_R2I_CERTPOL,
X509V3_R_INVALID_POLICY_IDENTIFIER);
err:
POLICYINFO_free(pol);
return NULL;
-
}
static int displaytext_get_tag_len(const char *tagstr)
{
int i;
CONF_VALUE *cnf;
- DIST_POINT *point = NULL;
- point = DIST_POINT_new();
+ DIST_POINT *point = DIST_POINT_new();
+
if (point == NULL)
goto err;
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
static void *v2i_crld(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
- STACK_OF(DIST_POINT) *crld = NULL;
+ STACK_OF(DIST_POINT) *crld;
GENERAL_NAMES *gens = NULL;
GENERAL_NAME *gen = NULL;
CONF_VALUE *cnf;
+ const int num = sk_CONF_VALUE_num(nval);
int i;
- if ((crld = sk_DIST_POINT_new_null()) == NULL)
+ crld = sk_DIST_POINT_new_null();
+ if (crld == NULL || !sk_DIST_POINT_reserve(crld, num))
goto merr;
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ for (i = 0; i < num; i++) {
DIST_POINT *point;
+
cnf = sk_CONF_VALUE_value(nval, i);
if (!cnf->value) {
STACK_OF(CONF_VALUE) *dpsect;
X509V3_section_free(ctx, dpsect);
if (!point)
goto err;
- if (!sk_DIST_POINT_push(crld, point)) {
- DIST_POINT_free(point);
- goto merr;
- }
+ sk_DIST_POINT_push(crld, point); /* no failure as it was reserved */
} else {
if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
goto err;
gen = NULL;
if ((point = DIST_POINT_new()) == NULL)
goto merr;
- if (!sk_DIST_POINT_push(crld, point)) {
- DIST_POINT_free(point);
- goto merr;
- }
+ sk_DIST_POINT_push(crld, point); /* no failure as it was reserved */
if ((point->distpoint = DIST_POINT_NAME_new()) == NULL)
goto merr;
point->distpoint->name.fullname = gens;
char *extval;
ASN1_OBJECT *objtmp;
CONF_VALUE *val;
+ const int num = sk_CONF_VALUE_num(nval);
int i;
- if ((extku = sk_ASN1_OBJECT_new_null()) == NULL) {
+ extku = sk_ASN1_OBJECT_new_null();
+ if (extku == NULL || !sk_ASN1_OBJECT_reserve(extku, num)) {
X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, ERR_R_MALLOC_FAILURE);
+ sk_ASN1_OBJECT_free(extku);
return NULL;
}
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ for (i = 0; i < num; i++) {
val = sk_CONF_VALUE_value(nval, i);
if (val->value)
extval = val->value;
X509V3_conf_err(val);
return NULL;
}
- sk_ASN1_OBJECT_push(extku, objtmp);
+ sk_ASN1_OBJECT_push(extku, objtmp); /* no failure as it was reserved */
}
return extku;
}
int i;
char obj_tmp1[80];
char obj_tmp2[80];
+
for (i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) {
pmap = sk_POLICY_MAPPING_value(pmaps, i);
i2t_ASN1_OBJECT(obj_tmp1, 80, pmap->issuerDomainPolicy);
static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
- POLICY_MAPPINGS *pmaps = NULL;
POLICY_MAPPING *pmap = NULL;
ASN1_OBJECT *obj1 = NULL, *obj2 = NULL;
CONF_VALUE *val;
+ POLICY_MAPPINGS *pmaps;
+ const int num = sk_CONF_VALUE_num(nval);
int i;
if ((pmaps = sk_POLICY_MAPPING_new_null()) == NULL) {
X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE);
return NULL;
}
+ if (!sk_POLICY_MAPPING_reserve(pmaps, num))
+ goto err;
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ for (i = 0; i < num; i++) {
val = sk_CONF_VALUE_value(nval, i);
if (!val->value || !val->name) {
X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,
pmap->issuerDomainPolicy = obj1;
pmap->subjectDomainPolicy = obj2;
obj1 = obj2 = NULL;
- sk_POLICY_MAPPING_push(pmaps, pmap);
+ sk_POLICY_MAPPING_push(pmaps, pmap); /* no failure as it was reserved */
}
return pmaps;
err:
projects / oweals / openssl.git / commitdiff