diff --git a/src/crl.c b/src/crl.c
index e9609b353..e36af26ad 100644
--- a/src/crl.c
+++ b/src/crl.c
@@ -99,7 +99,15 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff, crle->lastDateFormat = dcrl->lastDateFormat; crle->nextDateFormat = dcrl->nextDateFormat; crle->version = dcrl->version; + #if defined(OPENSSL_EXTRA) + crle->lastDateAsn1.length = MAX_DATE_SIZE; + XMEMCPY (crle->lastDateAsn1.data, crle->lastDate, crle->lastDateAsn1.length); + crle->lastDateAsn1.type = crle->lastDateFormat; + crle->nextDateAsn1.length = MAX_DATE_SIZE; + XMEMCPY (crle->nextDateAsn1.data, crle->nextDate, crle->nextDateAsn1.length); + crle->nextDateAsn1.type = crle->nextDateFormat; + crle->issuer = NULL; wolfSSL_d2i_X509_NAME(&crle->issuer, (unsigned char**)&dcrl->issuer, dcrl->issuerSz);
@@ -696,6 +704,15 @@ static CRL_Entry* DupCRL_Entry(const CRL_Entry* ent, void* heap) dupl->lastDateFormat = ent->lastDateFormat; dupl->nextDateFormat = ent->nextDateFormat; +#if defined(OPENSSL_EXTRA) + dupl->lastDateAsn1.length = MAX_DATE_SIZE; + XMEMCPY (dupl->lastDateAsn1.data, dupl->lastDate, dupl->lastDateAsn1.length); + dupl->lastDateAsn1.type = dupl->lastDateFormat; + dupl->nextDateAsn1.length = MAX_DATE_SIZE; + XMEMCPY (dupl->nextDateAsn1.data, dupl->nextDate, dupl->nextDateAsn1.length); + dupl->nextDateAsn1.type = dupl->nextDateFormat; +#endif + #ifdef CRL_STATIC_REVOKED_LIST XMEMCPY(dupl->certs, ent->certs, ent->totalCerts*sizeof(RevokedCert)); #else
diff --git a/src/ocsp.c b/src/ocsp.c
index 48a02f937..c182e0dd8 100644
--- a/src/ocsp.c
+++ b/src/ocsp.c
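Review bot: In src/crl.c, both InitCRL_Entry() and DupCRL_Entry() copy a fixed MAX_DATE_SIZE bytes into `lastDateAsn1.data` / `nextDateAsn1.data` and set `length = MAX_DATE_SIZE`, but nothing in either hunk ties that constant to the size of the destination array. The ASN1 time struct's declaration is not visible here, so if its `data` member is ever smaller than MAX_DATE_SIZE the copy becomes an out-of-bounds write while loading a CRL; a compile-time size assertion beside the copy, or bounding it with `sizeof(crle->lastDateAsn1.data)`, would pin the invariant. The same six-line block appears in both functions, so a small static helper taking the entry pointer would keep the two copies from drifting apart. In DupCRL_Entry the copy reads `dupl->lastDate` rather than `ent->lastDate`, which is right only if those arrays were already copied above the hunk; a comment such as `/* dupl->lastDate/nextDate were copied from ent above */` would make that dependency explicit.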
@@ -1074,34 +1074,39 @@ WOLFSSL_OCSP_CERTID* wolfSSL_d2i_OCSP_CERTID(WOLFSSL_OCSP_CERTID** cidOut, { WOLFSSL_OCSP_CERTID *cid = NULL; - if ((cidOut == NULL) || (derIn == NULL) || (length == 0)) - goto err; + if ((cidOut != NULL) && (derIn != NULL) && (length > 0)) { - cid = *cidOut; - /* If a NULL is passed we allocate the memory for the caller. */ - if (!cid) { - cid = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*cid), NULL, DYNAMIC_TYPE_OPENSSL); - if (!cid) goto err; - } - else if (cid->rawCertId) { - XFREE(cid->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL); - cid->rawCertId = NULL; - cid->rawCertIdSize = 0; + cid = *cidOut; + + /* If a NULL is passed we allocate the memory for the caller. */ + if (cid == NULL) + cid = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*cid), NULL, + DYNAMIC_TYPE_OPENSSL); + else if (cid->rawCertId) { + XFREE(cid->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL); + cid->rawCertId = NULL; + cid->rawCertIdSize = 0; + } + + if (cid != NULL) { + cid->rawCertId = (byte*)XMALLOC(length, NULL, DYNAMIC_TYPE_OPENSSL); + if (cid->rawCertId != NULL) { + XMEMCPY (cid->rawCertId, *derIn, length); + cid->rawCertIdSize = length; + + /* Per spec. advance past the data that is being returned + * to the caller. */ + *cidOut = cid; + *derIn = *derIn + length; + + return cid; + } + } } - cid->rawCertId = (byte*)XMALLOC(length, NULL, DYNAMIC_TYPE_OPENSSL); - if (!cid->rawCertId) goto err; - XMEMCPY (cid->rawCertId, *derIn, length); - cid->rawCertIdSize = length; - - /* Per spec. advance past the data that is being returned to the caller. */ - *cidOut = cid; - *derIn = *derIn + length; - return cid; - -err: if (cid && (!cidOut || cid != *cidOut)) XFREE(cid, NULL, DYNAMIC_TYPE_OPENSSL); + return NULL; }
diff --git a/src/x509.c b/src/x509.c
index 066422800..69b2ded80 100644
--- a/src/x509.c
+++ b/src/x509.c
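Review bot: In wolfSSL_d2i_OCSP_CERTID() the rewritten guard checks `derIn != NULL` but not `*derIn`, which `XMEMCPY (cid->rawCertId, *derIn, length)` then reads; extending the condition to `(derIn != NULL) && (*derIn != NULL) && (length > 0)` closes that gap. When the function allocates the struct itself, only `rawCertId` and `rawCertIdSize` are assigned afterwards, so every other member of the returned WOLFSSL_OCSP_CERTID is left indeterminate. Bracing the `if (cid == NULL)` branch and adding `XMEMSET(cid, 0, sizeof(*cid));` after a successful XMALLOC would stop uninitialised heap from reaching later users or a free routine. The input is stored as raw bytes with no DER parsing, so `length` is trusted exactly as the caller supplies it; if that is intentional, a comment should say so. The parameter list, and therefore the type of `length`, is outside the hunk.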
@@ -8040,14 +8040,7 @@ void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl) WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL* crl) { if ((crl != NULL) && (crl->crlList != NULL) && - (crl->crlList->lastDate[0] != 0)) { - - /* Copy date to an ASN1_TIME struct for returning to the caller. */ - crl->crlList->lastDateAsn1.length = MAX_DATE_SIZE; - XMEMCPY (crl->crlList->lastDateAsn1.data, crl->crlList->lastDate, - crl->crlList->lastDateAsn1.length); - crl->crlList->lastDateAsn1.type = crl->crlList->lastDateFormat; - + (crl->crlList->lastDateAsn1.data[0] != 0)) { return &crl->crlList->lastDateAsn1; } else
@@ -8057,14 +8050,7 @@ WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL* crl) WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL* crl) { if ((crl != NULL) && (crl->crlList != NULL) && - (crl->crlList->nextDate[0] != 0)) { - - /* Copy date to an ASN1_TIME struct for returning to the caller. */ - crl->crlList->nextDateAsn1.length = MAX_DATE_SIZE; - XMEMCPY (crl->crlList->nextDateAsn1.data, crl->crlList->nextDate, - crl->crlList->nextDateAsn1.length); - crl->crlList->nextDateAsn1.type = crl->crlList->nextDateFormat; - + (crl->crlList->nextDateAsn1.data[0] != 0)) { return &crl->crlList->nextDateAsn1; } else
diff --git a/tests/api.c b/tests/api.c
index 23ee53f3b..4114caaec 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -48150,6 +48150,7 @@ static int test_wolfSSL_d2i_OCSP_CERTID(void) AssertNotNull(certId); AssertIntEQ(certId->rawCertIdSize, sizeof(rawCertId)); + XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL); XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL); /* If the cert ID is not NULL the function will just copy the data to it. */
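Review bot: wolfSSL_X509_CRL_get_lastUpdate() and wolfSSL_X509_CRL_get_nextUpdate() in src/x509.c now choose between NULL and a pointer purely on `lastDateAsn1.data[0]` / `nextDateAsn1.data[0]`, fields this commit fills only inside the `OPENSSL_EXTRA` blocks of InitCRL_Entry() and DupCRL_Entry() in src/crl.c. If a CRL_Entry can be created or refreshed by any other path, or if these getters are built without OPENSSL_EXTRA (their surrounding guards are outside the hunk), callers would receive NULL or a stale date for a CRL that does carry one. That could weaken any freshness check built on these accessors. A comment on each getter stating the invariant would help, e.g. `/* lastDateAsn1 is populated by InitCRL_Entry()/DupCRL_Entry() in crl.c */`. Removing the copy from the getters is a good change in itself, since the accessors no longer write to the shared entry on every call.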
@@ -48162,6 +48163,7 @@ static int test_wolfSSL_d2i_OCSP_CERTID(void) AssertNotNull(certId); AssertIntEQ(certId->rawCertIdSize, sizeof(rawCertId)); + XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL); XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER); /* The below tests should fail when passed bad parameters. NULL should