Pull a len == 0 check up before malloc(len) to avoid implementation

author tb <tb@openbsd.org>

Thu, 3 Mar 2022 11:29:05 +0000 (11:29 +0000)

committer tb <tb@openbsd.org>

Thu, 3 Mar 2022 11:29:05 +0000 (11:29 +0000)
author tb <tb@openbsd.org>
Thu, 3 Mar 2022 11:29:05 +0000 (11:29 +0000)
committer tb <tb@openbsd.org>
Thu, 3 Mar 2022 11:29:05 +0000 (11:29 +0000)
diff --git a/lib/libcrypto/x509/x509_constraints.c b/lib/libcrypto/x509/x509_constraints.c

index 5320583..c7adaa4 100644 (file)
--- a/lib/libcrypto/x509/x509_constraints.c
+++ b/lib/libcrypto/x509/x509_constraints.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_constraints.c,v 1.20 2022/03/02 17:53:03 tb Exp $ */
+/* $OpenBSD: x509_constraints.c,v 1.21 2022/03/03 11:29:05 tb Exp $ */
  /*
   * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
   *
@@ -747,15 +747,15 @@ x509_constraints_extract_names(struct x509_constraints_names *names,
                         vname->type = GEN_URI;
                         break;
                 case GEN_DIRNAME:
+                       if (len == 0) {
+                               *error = X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+                               goto err;
+                       }
                         if (bytes == NULL || ((vname->der = malloc(len)) ==
                             NULL)) {
                                 *error = X509_V_ERR_OUT_OF_MEM;
                                 goto err;
                         }
-                       if (len == 0) {
-                               *error = X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
-                               goto err;
-                       }
                         memcpy(vname->der, bytes, len);
                         vname->der_len = len;
                         vname->type = GEN_DIRNAME;
author	tb <tb@openbsd.org>
	Thu, 3 Mar 2022 11:29:05 +0000 (11:29 +0000)
committer	tb <tb@openbsd.org>
	Thu, 3 Mar 2022 11:29:05 +0000 (11:29 +0000)