From 6fc92032e02bb17cb7486e71aafdc1905497693a Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 17 May 2018 09:53:14 +0200 Subject: [PATCH] Restore check of |*xn| against |name| in X509_NAME_set A previous change of this function introduced a fragility when the destination happens to be the same as the source. Such alias isn't recommended, but could still happen, for example in this kind of code: X509_NAME *subject = X509_get_issuer_name(x); /* ... some code passes ... */ X509_set_issuer_name(x, subject); Fixes #4710 Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/6280) (cherry picked from commit c1c1783d45a5e91951e6328a820939d0256c841c) --- crypto/x509/x_name.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c index 0af5df5cfc..8e717dcd7e 100644 --- a/crypto/x509/x_name.c +++ b/crypto/x509/x_name.c @@ -472,6 +472,8 @@ static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname, int X509_NAME_set(X509_NAME **xn, X509_NAME *name) { + if (*xn == name) + return *xn != NULL; if ((name = X509_NAME_dup(name)) == NULL) return 0; X509_NAME_free(*xn); -- 2.25.1