Revision 05f61fb27efaf1a3f4cfa1a8d4d62c34e3c8a0fe authored by Emilia Kasper on 25 August 2014, 10:38:16 UTC, committed by Emilia Kasper on 27 August 2014, 17:42:31 UTC
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer when the buffer length is 0. Change this to verify explicitly that the ASN.1 string has positive length. Reviewed-by: Dr Stephen Henson <steve@openssl.org> (cherry picked from commit 82dc08de54ce443c2a9ac478faffe79e76157795)
1 parent 10be715
X509_STORE_CTX_get_ex_new_index.pod
=pod
=head1 NAME
X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data - add application specific data to X509_STORE_CTX structures
=head1 SYNOPSIS
#include <openssl/x509_vfy.h>
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *d, int idx, void *arg);
void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *d, int idx);
=head1 DESCRIPTION
These functions handle application specific data in X509_STORE_CTX structures.
Their usage is identical to that of RSA_get_ex_new_index(), RSA_set_ex_data()
and RSA_get_ex_data() as described in L<RSA_get_ex_new_index(3)>.
=head1 NOTES
This mechanism is used internally by the B<ssl> library to store the B<SSL>
structure associated with a verification operation in an B<X509_STORE_CTX>
structure.
=head1 SEE ALSO
L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>
=head1 HISTORY
X509_STORE_CTX_get_ex_new_index(), X509_STORE_CTX_set_ex_data() and
X509_STORE_CTX_get_ex_data() are available since OpenSSL 0.9.5.
=cut
Computing file changes ...
