Fix: 'openssl ca' command crashes when used with 'rand_serial' option

Commit ffb46830e2 introduced the 'rand_serial' option. When it is used, the 'serialfile' does not get initialized, i.e. it remains a NULL pointer. This causes a crash when the NULL pointer is passed to the rotate_serial() call. This commit fixes the crash and unifies the pointer checking before calling the rotate_serial() and save_serial() commands. Fixes #7412 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7417)
2018-10-16 23:50:16 +02:00 · 2018-10-16 23:50:16 +02:00 · aeec793b4b
parent 92ebf6c4c2
commit aeec793b4b
1 changed files with 10 additions and 9 deletions
--- a/apps/ca.c
+++ b/apps/ca.c
@ -976,7 +976,7 @@ end_of_options:
            BIO_printf(bio_err, "Write out database with %d new entries\n",
                       sk_X509_num(cert_sk));

-            if (!rand_ser
+            if (serialfile != NULL
                    && !save_serial(serialfile, "new", serial, NULL))
                goto end;

@ -1044,7 +1044,8 @@ end_of_options:

        if (sk_X509_num(cert_sk)) {
            /* Rename the database and the serial file */
-            if (!rotate_serial(serialfile, "new", "old"))
+            if (serialfile != NULL
+                    && !rotate_serial(serialfile, "new", "old"))
                goto end;

            if (!rotate_index(dbfile, "new", "old"))
@ -1177,10 +1178,9 @@ end_of_options:
        }

        /* we have a CRL number that need updating */
-        if (crlnumberfile != NULL)
-            if (!rand_ser
-                    && !save_serial(crlnumberfile, "new", crlnumber, NULL))
-                goto end;
+        if (crlnumberfile != NULL
+                && !save_serial(crlnumberfile, "new", crlnumber, NULL))
+            goto end;

        BN_free(crlnumber);
        crlnumber = NULL;
@ -1195,9 +1195,10 @@ end_of_options:

        PEM_write_bio_X509_CRL(Sout, crl);

-        if (crlnumberfile != NULL) /* Rename the crlnumber file */
-            if (!rotate_serial(crlnumberfile, "new", "old"))
-                goto end;
+        /* Rename the crlnumber file */
+        if (crlnumberfile != NULL
+                && !rotate_serial(crlnumberfile, "new", "old"))
+            goto end;

    }
    /*****************************************************************/