From 9fd6f7d1cd2a3c8e2bc69dcb8bde8406eb6c2623 Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy
Date: Mon, 8 Jul 2019 20:14:50 +1000
Subject: [PATCH] Avoid NULL pointer dereference. Fixes #9043.
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/9059)
---
 apps/req.c | 14 ++++++++++++--
 crypto/err/openssl.txt | 1 +
 crypto/x509/t_req.c | 4 ++++
 crypto/x509/x509_err.c | 2 ++
 include/openssl/x509err.h | 1 +
 5 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/apps/req.c b/apps/req.c
index ae420d30f5..f11d341c12 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -933,9 +933,19 @@ int req_main(int argc, char **argv)
 if (text) {
 if (x509)
- X509_print_ex(out, x509ss, get_nameopt(), reqflag);
+ ret = X509_print_ex(out, x509ss, get_nameopt(), reqflag);
 else
- X509_REQ_print_ex(out, req, get_nameopt(), reqflag);
+ ret = X509_REQ_print_ex(out, req, get_nameopt(), reqflag);
+
+ if (ret == 0) {
+ if (x509)
+ BIO_printf(bio_err, "Error printing certificate\n");
+ else
+ BIO_printf(bio_err, "Error printing certificate request\n");
+
+ ERR_print_errors(bio_err);
+ goto end;
+ }
 }
 if (subject) {
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 4d717e3605..f1567c2fa6 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -3221,6 +3221,7 @@ X509_R_CERT_ALREADY_IN_HASH_TABLE:101:cert already in hash table
 X509_R_CRL_ALREADY_DELTA:127:crl already delta
 X509_R_CRL_VERIFY_FAILURE:131:crl verify failure
 X509_R_IDP_MISMATCH:128:idp mismatch
+X509_R_INVALID_ATTRIBUTES:138:invalid attributes
 X509_R_INVALID_DIRECTORY:113:invalid directory
 X509_R_INVALID_FIELD_NAME:119:invalid field name
 X509_R_INVALID_TRUST:123:invalid trust
diff --git a/crypto/x509/t_req.c b/crypto/x509/t_req.c
index 28157de7e3..8af6510bf5 100644
--- a/crypto/x509/t_req.c
+++ b/crypto/x509/t_req.c
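Review bot: In the apps/req.c hunk (req_main), the new failure branch reaches `goto end` with `ret == 0`, and if `ret` is also the value req_main returns, a failed print would leave the command with a success exit status. That is inferred: the declaration of `ret` and the `end:` label are outside this hunk. Callers that only check the exit code would then treat a truncated or unprintable certificate request as having been displayed correctly. Setting `ret = 1;` immediately before `goto end;`, or holding the print result in a separate local, keeps the error path distinguishable from success.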
@@ -127,6 +127,10 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
 if ((j = i2a_ASN1_OBJECT(bp, aobj)) > 0) {
 ii = 0;
 count = X509_ATTRIBUTE_count(a);
+ if (count == 0) {
+ X509err(X509_F_X509_REQ_PRINT_EX, X509_R_INVALID_ATTRIBUTES);
+ return 0;
+ }
 get_next:
 at = X509_ATTRIBUTE_get0_type(a, ii);
 type = at->type;
diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c
index c87d74daea..1d0c518b51 100644
--- a/crypto/x509/x509_err.c
+++ b/crypto/x509/x509_err.c
@@ -129,6 +129,8 @@ static const ERR_STRING_DATA X509_str_reasons[] = {
 {ERR_PACK(ERR_LIB_X509, 0, X509_R_CRL_VERIFY_FAILURE), "crl verify failure"},
 {ERR_PACK(ERR_LIB_X509, 0, X509_R_IDP_MISMATCH), "idp mismatch"},
+ {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_ATTRIBUTES),
+ "invalid attributes"},
 {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_DIRECTORY), "invalid directory"},
 {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_FIELD_NAME), "invalid field name"},
diff --git a/include/openssl/x509err.h b/include/openssl/x509err.h
index e796bf1ce6..f04db92d5a 100644
--- a/include/openssl/x509err.h
+++ b/include/openssl/x509err.h
@@ -102,6 +102,7 @@ int ERR_load_X509_strings(void);
 # define X509_R_CRL_ALREADY_DELTA 127
 # define X509_R_CRL_VERIFY_FAILURE 131
 # define X509_R_IDP_MISMATCH 128
+# define X509_R_INVALID_ATTRIBUTES 138
 # define X509_R_INVALID_DIRECTORY 113
 # define X509_R_INVALID_FIELD_NAME 119
 # define X509_R_INVALID_TRUST 123
-- 
2.25.1
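Review bot: In the crypto/x509/t_req.c hunk (X509_REQ_print_ex), the new guard `if (count == 0)` rejects only an exactly empty value set, while `type = at->type` just below still reads through `at` without checking it. As far as I recall, X509_ATTRIBUTE_count returns an int that can be negative when the attribute's value set is absent, so `if (count <= 0)` would be the more defensive condition; this should be confirmed against the helper's definition, which is not part of this patch. A short comment such as `/* an attribute with no values is malformed input; at would be NULL below */` would record why the check exists for parsers fed untrusted requests. The function body starts and ends outside the hunk, so whether the early `return 0` skips any cleanup cannot be judged from here.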