Skip to content

Commit eaabf6d

Browse files
rheniumrhenium
committed
ocsp: refactor ossl_ocspsres_new()
Similar to most of the other ossl_*_new() functions, let it take a const pointer and make a copy of the object. This also fixes a potential memory leak when the wrapper object allocation fails.
1 parent c089301 commit eaabf6d

File tree

1 file changed

+12
-20
lines changed

1 file changed

+12
-20
lines changed

ext/openssl/ossl_ocsp.c

Lines changed: 12 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -940,7 +940,7 @@ ossl_ocspbres_get_status(VALUE self)
940940
return ret;
941941
}
942942

943-
static VALUE ossl_ocspsres_new(OCSP_SINGLERESP *);
943+
static VALUE ossl_ocspsres_new(const OCSP_SINGLERESP *);
944944

945945
/*
946946
* call-seq:
@@ -958,17 +958,10 @@ ossl_ocspbres_get_responses(VALUE self)
958958

959959
GetOCSPBasicRes(self, bs);
960960
count = OCSP_resp_count(bs);
961-
ret = rb_ary_new2(count);
961+
ret = rb_ary_new_capa(count);
962962

963963
for (i = 0; i < count; i++) {
964-
OCSP_SINGLERESP *sres, *sres_new;
965-
966-
sres = OCSP_resp_get0(bs, i);
967-
sres_new = ASN1_item_dup(ASN1_ITEM_rptr(OCSP_SINGLERESP), sres);
968-
if (!sres_new)
969-
ossl_raise(eOCSPError, "ASN1_item_dup");
970-
971-
rb_ary_push(ret, ossl_ocspsres_new(sres_new));
964+
rb_ary_push(ret, ossl_ocspsres_new(OCSP_resp_get0(bs, i)));
972965
}
973966

974967
return ret;
@@ -986,7 +979,6 @@ static VALUE
986979
ossl_ocspbres_find_response(VALUE self, VALUE target)
987980
{
988981
OCSP_BASICRESP *bs;
989-
OCSP_SINGLERESP *sres, *sres_new;
990982
OCSP_CERTID *id;
991983
int n;
992984

@@ -995,13 +987,7 @@ ossl_ocspbres_find_response(VALUE self, VALUE target)
995987

996988
if ((n = OCSP_resp_find(bs, id, -1)) == -1)
997989
return Qnil;
998-
999-
sres = OCSP_resp_get0(bs, n);
1000-
sres_new = ASN1_item_dup(ASN1_ITEM_rptr(OCSP_SINGLERESP), sres);
1001-
if (!sres_new)
1002-
ossl_raise(eOCSPError, "ASN1_item_dup");
1003-
1004-
return ossl_ocspsres_new(sres_new);
990+
return ossl_ocspsres_new(OCSP_resp_get0(bs, n));
1005991
}
1006992

1007993
/*
@@ -1110,12 +1096,18 @@ ossl_ocspbres_to_der(VALUE self)
11101096
* OCSP::SingleResponse
11111097
*/
11121098
static VALUE
1113-
ossl_ocspsres_new(OCSP_SINGLERESP *sres)
1099+
ossl_ocspsres_new(const OCSP_SINGLERESP *sres)
11141100
{
11151101
VALUE obj;
1102+
OCSP_SINGLERESP *sres_new;
11161103

11171104
obj = NewOCSPSingleRes(cOCSPSingleRes);
1118-
SetOCSPSingleRes(obj, sres);
1105+
/* OpenSSL 1.1.1 takes a non-const pointer */
1106+
sres_new = ASN1_item_dup(ASN1_ITEM_rptr(OCSP_SINGLERESP),
1107+
(OCSP_SINGLERESP *)sres);
1108+
if (!sres_new)
1109+
ossl_raise(eOCSPError, "ASN1_item_dup");
1110+
SetOCSPSingleRes(obj, sres_new);
11191111

11201112
return obj;
11211113
}

0 commit comments

Comments
 (0)