openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

s_cb.c: Add missing return value checks 

Return value of function 'SSL_CTX_ctrl', that is called from
SSL_CTX_set1_verify_cert_store() and SSL_CTX_set1_chain_cert_store(),
is not checked, but it is usually checked for this function.

CLA: trivial

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23647)

(cherry picked from commit 6f794b461c)
This commit is contained in:
MrRurikov 2024-02-21 11:11:34 +03:00 committed by Tomas Mraz
parent 9dc2269829
commit db511578f7
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/lib/s_cb.c
View File

@ -1383,7 +1383,8 @@ int ssl_load_stores(SSL_CTX *ctx,
if (vfyCAstore != NULL && !X509_STORE_load_store(vfy, vfyCAstore))
goto err;
add_crls_store(vfy, crls);
SSL_CTX_set1_verify_cert_store(ctx, vfy);
if (SSL_CTX_set1_verify_cert_store(ctx, vfy) == 0)
goto err;
if (crl_download)
store_setup_crl_download(vfy);
}
@ -1397,7 +1398,8 @@ int ssl_load_stores(SSL_CTX *ctx,
goto err;
if (chCAstore != NULL && !X509_STORE_load_store(ch, chCAstore))
goto err;
SSL_CTX_set1_chain_cert_store(ctx, ch);
if (SSL_CTX_set1_chain_cert_store(ctx, ch) == 0)
goto err;
}
rv = 1;
err: