From: Bodo Möller <bodo@openssl.org>
Date: Wed, 17 Apr 2002 09:29:54 +0000 (+0000)
Subject: check return values
X-Git-Tag: OpenSSL_0_9_6d-beta1~1
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=5d2175eddb41f6ea4d794894b590abbb298ff165;p=oweals%2Fopenssl.git

check return values

Submitted by: Nils Larsch
---

diff --git a/CHANGES b/CHANGES
index 5a0e1ec76b..cf4a885415 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 0.9.6c and 0.9.6d  [XX xxx XXXX]
 
+  *) Check various X509_...() return values in apps/req.c.
+     [Nils Larsch <nla@trustcenter.de>]
+
   *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines:
      an end-of-file condition would erronously be flagged, when the CRLF
      was just at the end of a processed block. The bug was discovered when
diff --git a/apps/req.c b/apps/req.c
index 7b61dc6dd8..11c4e5f03f 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -283,7 +283,7 @@ int MAIN(int argc, char **argv)
 						goto end;
 						}
 
-					dtmp=X509_get_pubkey(xtmp);
+					if ((dtmp=X509_get_pubkey(xtmp)) == NULL) goto end;
 					if (dtmp->type == EVP_PKEY_DSA)
 						dsa_params=DSAparams_dup(dtmp->pkey.dsa);
 					EVP_PKEY_free(dtmp);
@@ -718,17 +718,14 @@ loop:
 
 			/* Set version to V3 */
 			if(!X509_set_version(x509ss, 2)) goto end;
-			ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L);
-
-			X509_set_issuer_name(x509ss,
-				X509_REQ_get_subject_name(req));
-			X509_gmtime_adj(X509_get_notBefore(x509ss),0);
-			X509_gmtime_adj(X509_get_notAfter(x509ss),
-				(long)60*60*24*days);
-			X509_set_subject_name(x509ss,
-				X509_REQ_get_subject_name(req));
+			if (!ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L)) goto end;
+
+			if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
+			if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end;
+			if (!X509_gmtime_adj(X509_get_notAfter(x509ss), (long)60*60*24*days)) goto end;
+			if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
 			tmppkey = X509_REQ_get_pubkey(req);
-			X509_set_pubkey(x509ss,tmppkey);
+			if (!tmppkey || !X509_set_pubkey(x509ss,tmppkey)) goto end;
 			EVP_PKEY_free(tmppkey);
 
 			/* Set up V3 context struct */
@@ -959,7 +956,7 @@ static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, int attribs)
 	else i = prompt_info(req, dn_sk, dn_sect, attr_sk, attr_sect, attribs);
 	if(!i) goto err;
 
-	X509_REQ_set_pubkey(req,pkey);
+	if (!X509_REQ_set_pubkey(req,pkey)) goto err;
 
 	ret=1;
 err: