From: Dr. Stephen Henson <steve@openssl.org>
Date: Tue, 10 Nov 2009 00:48:07 +0000 (+0000)
Subject: PR: 2090
X-Git-Tag: OpenSSL-fips-2_0-rc1~1452
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=b599006751372b6fc94eb54b0dccade6e9753922;p=oweals%2Fopenssl.git

PR: 2090
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c
---

diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c
index ec18cbff4f..4fc241908f 100644
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@@ -227,6 +227,8 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
 	/* Allocate buffer for new encoding */
 
 	new_der = OPENSSL_malloc(len);
+	if (!new_der)
+		goto err;
 
 	/* Generate tagged encoding */
 
@@ -452,6 +454,8 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
 	int derlen;
 	int i;
 	sk = sk_ASN1_TYPE_new_null();
+	if (!sk)
+		goto bad;
 	if (section)
 		{
 		if (!cnf)
@@ -464,7 +468,8 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
 			ASN1_TYPE *typ = ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf);
 			if (!typ)
 				goto bad;
-			sk_ASN1_TYPE_push(sk, typ);
+			if (!sk_ASN1_TYPE_push(sk, typ))
+				goto bad;
 			}
 		}
 
@@ -475,6 +480,9 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
 	else
 		derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der);
 
+	if (derlen < 0)
+		goto bad;
+
 	if (!(ret = ASN1_TYPE_new()))
 		goto bad;