Fixes from review, adds some error checking, and adds const variables

Carie Pointer
2019-10-10 09:13:35 -07:00
parent 4fa2b71848
commit 1d7f0de5b5


@@ -7924,11 +7924,12 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
break; break;
case ALT_NAMES_OID: case ALT_NAMES_OID:
{
WOLFSSL_GENERAL_NAME* gn = NULL;
DNS_entry* dns = NULL;
if (!isSet) if (!isSet)
break; break;
WOLFSSL_GENERAL_NAME* gn = NULL;
DNS_entry* dns = NULL;
sk = (WOLF_STACK_OF(WOLFSSL_GENERAL_NAME)*)XMALLOC( sk = (WOLF_STACK_OF(WOLFSSL_GENERAL_NAME)*)XMALLOC(
sizeof(WOLF_STACK_OF(WOLFSSL_GENERAL_NAME)), NULL, sizeof(WOLF_STACK_OF(WOLFSSL_GENERAL_NAME)), NULL,
DYNAMIC_TYPE_ASN1); DYNAMIC_TYPE_ASN1);
@@ -7965,15 +7966,16 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (dns != NULL) { if (dns != NULL) {
if (wolfSSL_sk_GENERAL_NAME_push(sk, gn) != if (wolfSSL_sk_GENERAL_NAME_push(sk, gn) !=
WOLFSSL_SUCCESS) { WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error pushing ASN1 object onto stack"); WOLFSSL_MSG("Error pushing onto stack");
wolfSSL_GENERAL_NAME_free(gn); wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_free(sk); wolfSSL_sk_free(sk);
sk = NULL; sk = NULL;
} }
} }
} }
if (wolfSSL_sk_GENERAL_NAME_push(sk,gn) != WOLFSSL_SUCCESS) { if (wolfSSL_sk_GENERAL_NAME_push(sk,gn) !=
WOLFSSL_MSG("Error pushing ASN1 object onto stack"); WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error pushing onto stack");
wolfSSL_GENERAL_NAME_free(gn); wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_free(sk); wolfSSL_sk_free(sk);
sk = NULL; sk = NULL;
@@ -7982,6 +7984,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
ext->ext_sk = sk; ext->ext_sk = sk;
ext->crit = x509->subjAltNameCrit; ext->crit = x509->subjAltNameCrit;
}
break; break;
default: default:
@@ -8088,7 +8091,7 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
ASN1_OBJECT* obj; ASN1_OBJECT* obj;
ASN1_STRING* str; ASN1_STRING* str;
int nid; int nid;
int sz = CTC_NAME_SIZE*2; const int sz = CTC_NAME_SIZE*2;
int rc = WOLFSSL_FAILURE; int rc = WOLFSSL_FAILURE;
char tmp[sz]; char tmp[sz];
WOLFSSL_ENTER("wolfSSL_X509V3_EXT_print"); WOLFSSL_ENTER("wolfSSL_X509V3_EXT_print");
@@ -8133,8 +8136,17 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
/* str is GENERAL_NAME for subject alternative name ext */ /* str is GENERAL_NAME for subject alternative name ext */
str = sk->data.gn->d.ia5; str = sk->data.gn->d.ia5;
len = str->length + 2; /* + 2 for NULL char and "," */ len = str->length + 2; /* + 2 for NULL char and "," */
if (len > sz) {
WOLFSSL_MSG("len greater than buffer size");
return rc;
}
val = (char*)XMALLOC(len + indent, NULL, val = (char*)XMALLOC(len + indent, NULL,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (val == NULL) {
WOLFSSL_MSG("Memory error");
return rc;
}
if (sk->next) if (sk->next)
XSNPRINTF(val, len, "%*s%s, ", indent, "", str->strData); XSNPRINTF(val, len, "%*s%s, ", indent, "", str->strData);
else else
@@ -40568,7 +40580,7 @@ void wolfSSL_sk_X509_NAME_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk)
#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) #if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL)
/* Helper function for X509_NAME_print_ex. Sets *buf to string for domain /* Helper function for X509_NAME_print_ex. Sets *buf to string for domain
name attribute based on NID. Returns size of buf */ name attribute based on NID. Returns size of buf */
static int get_dn_attr_by_nid(int n, char** buf) static int get_dn_attr_by_nid(int n, const char** buf)
{ {
int len = 0; int len = 0;
const char *str; const char *str;
@@ -40609,7 +40621,7 @@ static int get_dn_attr_by_nid(int n, char** buf)
} }
if (buf != NULL) if (buf != NULL)
*buf = (char*)str; *buf = str;
return len; return len;
} }
#endif #endif
@@ -40621,7 +40633,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
int count = 0, len = 0, totalSz = 0, tmpSz = 0; int count = 0, len = 0, totalSz = 0, tmpSz = 0;
char tmp[ASN_NAME_MAX]; char tmp[ASN_NAME_MAX];
char fullName[ASN_NAME_MAX]; char fullName[ASN_NAME_MAX];
char *buf = NULL; const char *buf = NULL;
WOLFSSL_X509_NAME_ENTRY* ne; WOLFSSL_X509_NAME_ENTRY* ne;
WOLFSSL_ASN1_STRING* str; WOLFSSL_ASN1_STRING* str;
#endif #endif
@@ -40653,6 +40665,11 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
tmpSz = str->length + len + 2; /* + 2 for '=' and null char */ tmpSz = str->length + len + 2; /* + 2 for '=' and null char */
if (tmpSz > ASN_NAME_MAX) {
WOLFSSL_MSG("Size greater than ASN_NAME_MAX");
return WOLFSSL_FAILURE;
}
if (i < count - 1) { if (i < count - 1) {
XSNPRINTF(tmp, tmpSz+1, "%s=%s,", buf, str->data); XSNPRINTF(tmp, tmpSz+1, "%s=%s,", buf, str->data);
XSTRNCAT(fullName, tmp, tmpSz); XSTRNCAT(fullName, tmp, tmpSz);
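Review bot: The bound added in the last hunk (wolfSSL_X509_NAME_print_ex) is off by one: `tmpSz == ASN_NAME_MAX` passes the check, yet the next line gives XSNPRINTF a size of `tmpSz+1` for `tmp`, which is declared `char tmp[ASN_NAME_MAX]`. Assuming `len` is the string length of `buf`, the comma branch needs exactly tmpSz+1 bytes including the terminator, so the guard should be `if (tmpSz + 1 > ASN_NAME_MAX)`, or the call should pass `sizeof(tmp)`. The check is also per entry only: XSTRNCAT appends to `fullName` (also ASN_NAME_MAX bytes) on every iteration, and nothing visible in this hunk bounds the running total, so several entries that each pass the check could still overrun it. If `totalSz` tracks the accumulated length, `if (totalSz + tmpSz >= ASN_NAME_MAX) return WOLFSSL_FAILURE;` before the append would cover this. The loop and the rest of the function lie outside the hunk, so confirm there is no existing total-length check there.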