From d9292f649585716c37c1a31c58deee9017c51fb7 Mon Sep 17 00:00:00 2001 From: Michael Paquier Date: Sun, 23 Aug 2015 22:15:48 +0900 Subject: [PATCH 2/2] Add more sanity checks in sslinfo Those are more cosmetic changes, and an error in those code paths is unlikely to happen, still it looks better to fail properly should an error happen in those code paths when calling openssl routines related to BIO manipulation. --- contrib/sslinfo/sslinfo.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/contrib/sslinfo/sslinfo.c b/contrib/sslinfo/sslinfo.c index 959c628..8e07d59 100644 --- a/contrib/sslinfo/sslinfo.c +++ b/contrib/sslinfo/sslinfo.c @@ -150,6 +150,8 @@ ASN1_STRING_to_text(ASN1_STRING *str) text *result; membuf = BIO_new(BIO_s_mem()); + if (membuf == NULL) + elog(ERROR, "Failed to create BIO"); (void) BIO_set_close(membuf, BIO_CLOSE); ASN1_STRING_print_ex(membuf, str, ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB) @@ -162,7 +164,8 @@ ASN1_STRING_to_text(ASN1_STRING *str) result = cstring_to_text(dp); if (dp != sp) pfree(dp); - BIO_free(membuf); + if (BIO_free(membuf) == 0) + elog(ERROR, "Failed to free BIO"); PG_RETURN_TEXT_P(result); } @@ -301,15 +304,24 @@ X509_NAME_to_text(X509_NAME *name) char *dp; text *result; + if (membuf == NULL) + elog(ERROR, "Failed to create BIO"); + (void) BIO_set_close(membuf, BIO_CLOSE); for (i = 0; i < count; i++) { e = X509_NAME_get_entry(name, i); nid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(e)); + if (nid == NID_undef) + elog(ERROR, "Failed to get NID for ASN1_OBJECT object"); v = X509_NAME_ENTRY_get_data(e); field_name = OBJ_nid2sn(nid); - if (!field_name) + if (field_name == NULL) field_name = OBJ_nid2ln(nid); + if (field_name) + elog(ERROR, + "Failed to convert the NID %d to an ASN1_OBJECT structure", + nid); BIO_printf(membuf, "/%s=", field_name); ASN1_STRING_print_ex(membuf, v, ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB) @@ -324,7 +336,8 @@ X509_NAME_to_text(X509_NAME *name) result = cstring_to_text(dp); if (dp != sp) pfree(dp); - BIO_free(membuf); + if (BIO_free(membuf) == 0) + elog(ERROR, "Failed to free BIO"); PG_RETURN_TEXT_P(result); } -- 2.5.0