From 24664a3bf56c9372d4b358c1c90cacaba8fb4c14 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 21 Jun 2017 15:56:36 +0100 Subject: [PATCH] Remove OPENSSL_assert() from crypto/x509 Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/3740) --- crypto/x509/x509_vfy.c | 31 +++++++++++++++++++++++++++---- crypto/x509/x_x509.c | 3 ++- 2 files changed, 29 insertions(+), 5 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 70ce606522..af96418e85 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -2843,7 +2843,11 @@ static int build_chain(X509_STORE_CTX *ctx) int i; /* Our chain starts with a single untrusted element. */ - OPENSSL_assert(num == 1 && ctx->num_untrusted == num); + if (!ossl_assert(num == 1 && ctx->num_untrusted == num)) { + X509err(X509_F_BUILD_CHAIN, ERR_R_INTERNAL_ERROR); + ctx->error = X509_V_ERR_UNSPECIFIED; + return 0; + } #define S_DOUNTRUSTED (1 << 0) /* Search untrusted chain */ #define S_DOTRUSTED (1 << 1) /* Search trusted store */ @@ -2980,7 +2984,14 @@ static int build_chain(X509_STORE_CTX *ctx) * certificate among the ones from the trust store. */ if ((search & S_DOALTERNATE) != 0) { - OPENSSL_assert(num > i && i > 0 && ss == 0); + if (!ossl_assert(num > i && i > 0 && ss == 0)) { + X509err(X509_F_BUILD_CHAIN, ERR_R_INTERNAL_ERROR); + X509_free(xtmp); + trust = X509_TRUST_REJECTED; + ctx->error = X509_V_ERR_UNSPECIFIED; + search = 0; + continue; + } search &= ~S_DOALTERNATE; for (; num > i; --num) X509_free(sk_X509_pop(ctx->chain)); @@ -3043,7 +3054,13 @@ static int build_chain(X509_STORE_CTX *ctx) * certificate with ctx->num_untrusted <= num. */ if (ok) { - OPENSSL_assert(ctx->num_untrusted <= num); + if (!ossl_assert(ctx->num_untrusted <= num)) { + X509err(X509_F_BUILD_CHAIN, ERR_R_INTERNAL_ERROR); + trust = X509_TRUST_REJECTED; + ctx->error = X509_V_ERR_UNSPECIFIED; + search = 0; + continue; + } search &= ~S_DOUNTRUSTED; switch (trust = check_trust(ctx, num)) { case X509_TRUST_TRUSTED: @@ -3082,7 +3099,13 @@ static int build_chain(X509_STORE_CTX *ctx) */ if ((search & S_DOUNTRUSTED) != 0) { num = sk_X509_num(ctx->chain); - OPENSSL_assert(num == ctx->num_untrusted); + if (!ossl_assert(num == ctx->num_untrusted)) { + X509err(X509_F_BUILD_CHAIN, ERR_R_INTERNAL_ERROR); + trust = X509_TRUST_REJECTED; + ctx->error = X509_V_ERR_UNSPECIFIED; + search = 0; + continue; + } x = sk_X509_value(ctx->chain, num-1); /* diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index 6783fd8728..b45944851d 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -145,7 +145,8 @@ static int i2d_x509_aux_internal(X509 *a, unsigned char **pp) int length, tmplen; unsigned char *start = pp != NULL ? *pp : NULL; - OPENSSL_assert(pp == NULL || *pp != NULL); + if (!ossl_assert(pp == NULL || *pp != NULL)) + return -1; /* * This might perturb *pp on error, but fixing that belongs in i2d_X509() -- 2.25.1