aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/x509
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2017-11-16 12:16:50 -0500
committerJack Lloyd <[email protected]>2017-11-16 12:16:50 -0500
commit966498893af60a1474ea10f1dc3bfbd5b1f43d00 (patch)
tree0c022492e4b59cac1eb6691b79e97cde0d4d9fb5 /src/lib/x509
parentf1b54cb3895f1b0007d29bcba90ad693bb7c898d (diff)
Fix a memory leak in the case where certificate extension decoding fails.
Introduced in #884 Found by OSS-Fuzz (bug 4249)
Diffstat (limited to 'src/lib/x509')
-rw-r--r--src/lib/x509/x509_ext.cpp36
-rw-r--r--src/lib/x509/x509_ext.h27
2 files changed, 33 insertions, 30 deletions
diff --git a/src/lib/x509/x509_ext.cpp b/src/lib/x509/x509_ext.cpp
index 682cc1cc7..a7e3c8f61 100644
--- a/src/lib/x509/x509_ext.cpp
+++ b/src/lib/x509/x509_ext.cpp
@@ -22,71 +22,71 @@ namespace Botan {
/*
* Create a Certificate_Extension object of some kind to handle
*/
-Certificate_Extension*
+std::unique_ptr<Certificate_Extension>
Extensions::create_extn_obj(const OID& oid,
bool critical,
const std::vector<uint8_t>& body)
{
const std::string oid_str = oid.as_string();
- Certificate_Extension* extn = nullptr;
+ std::unique_ptr<Certificate_Extension> extn;
if(oid == Cert_Extension::Subject_Key_ID::static_oid())
{
- extn = new Cert_Extension::Subject_Key_ID;
+ extn.reset(new Cert_Extension::Subject_Key_ID);
}
else if(oid == Cert_Extension::Key_Usage::static_oid())
{
- extn = new Cert_Extension::Key_Usage;
+ extn.reset(new Cert_Extension::Key_Usage);
}
else if(oid == Cert_Extension::Subject_Alternative_Name::static_oid())
{
- extn = new Cert_Extension::Subject_Alternative_Name;
+ extn.reset(new Cert_Extension::Subject_Alternative_Name);
}
else if(oid == Cert_Extension::Issuer_Alternative_Name::static_oid())
{
- extn = new Cert_Extension::Issuer_Alternative_Name;
+ extn.reset(new Cert_Extension::Issuer_Alternative_Name);
}
else if(oid == Cert_Extension::Basic_Constraints::static_oid())
{
- extn = new Cert_Extension::Basic_Constraints;
+ extn.reset(new Cert_Extension::Basic_Constraints);
}
else if(oid == Cert_Extension::CRL_Number::static_oid())
{
- extn = new Cert_Extension::CRL_Number;
+ extn.reset(new Cert_Extension::CRL_Number);
}
else if(oid == Cert_Extension::CRL_ReasonCode::static_oid())
{
- extn = new Cert_Extension::CRL_ReasonCode;
+ extn.reset(new Cert_Extension::CRL_ReasonCode);
}
else if(oid == Cert_Extension::Authority_Key_ID::static_oid())
{
- extn = new Cert_Extension::Authority_Key_ID;
+ extn.reset(new Cert_Extension::Authority_Key_ID);
}
else if(oid == Cert_Extension::Name_Constraints::static_oid())
{
- extn = new Cert_Extension::Name_Constraints;
+ extn.reset(new Cert_Extension::Name_Constraints);
}
else if(oid == Cert_Extension::CRL_Distribution_Points::static_oid())
{
- extn = new Cert_Extension::CRL_Distribution_Points;
+ extn.reset(new Cert_Extension::CRL_Distribution_Points);
}
else if(oid == Cert_Extension::Certificate_Policies::static_oid())
{
- extn = new Cert_Extension::Certificate_Policies;
+ extn.reset(new Cert_Extension::Certificate_Policies);
}
else if(oid == Cert_Extension::Extended_Key_Usage::static_oid())
{
- extn = new Cert_Extension::Extended_Key_Usage;
+ extn.reset(new Cert_Extension::Extended_Key_Usage);
}
else if(oid == Cert_Extension::Authority_Information_Access::static_oid())
{
- extn = new Cert_Extension::Authority_Information_Access;
+ extn.reset(new Cert_Extension::Authority_Information_Access);
}
else
{
// some other unknown extension type
- extn = new Cert_Extension::Unknown_Extension(oid, critical);
+ extn.reset(new Cert_Extension::Unknown_Extension(oid, critical));
}
try
@@ -239,8 +239,8 @@ void Extensions::decode_from(BER_Decoder& from_source)
.decode(bits, OCTET_STRING)
.end_cons();
- Extensions_Info info(critical, bits,
- create_extn_obj(oid, critical, bits));
+ std::unique_ptr<Certificate_Extension> obj = create_extn_obj(oid, critical, bits);
+ Extensions_Info info(critical, bits, obj.release());
m_extension_oids.push_back(oid);
m_extension_info.emplace(oid, info);
diff --git a/src/lib/x509/x509_ext.h b/src/lib/x509/x509_ext.h
index 2243d6deb..2cc0115ff 100644
--- a/src/lib/x509/x509_ext.h
+++ b/src/lib/x509/x509_ext.h
@@ -224,27 +224,30 @@ class BOTAN_PUBLIC_API(2,0) Extensions final : public ASN1_Object
#endif
private:
- static Certificate_Extension* create_extn_obj(const OID& oid,
- bool critical,
- const std::vector<uint8_t>& body);
+ static std::unique_ptr<Certificate_Extension>
+ create_extn_obj(const OID& oid,
+ bool critical,
+ const std::vector<uint8_t>& body);
class Extensions_Info
{
public:
Extensions_Info(bool critical,
Certificate_Extension* ext) :
- m_critical(critical),
- m_bits(ext->encode_inner()),
- m_obj(ext)
- {}
+ m_obj(ext),
+ m_bits(m_obj->encode_inner()),
+ m_critical(critical)
+ {
+ }
Extensions_Info(bool critical,
const std::vector<uint8_t>& encoding,
Certificate_Extension* ext) :
- m_critical(critical),
+ m_obj(ext),
m_bits(encoding),
- m_obj(ext)
- {}
+ m_critical(critical)
+ {
+ }
bool is_critical() const { return m_critical; }
const std::vector<uint8_t>& bits() const { return m_bits; }
@@ -255,9 +258,9 @@ class BOTAN_PUBLIC_API(2,0) Extensions final : public ASN1_Object
}
private:
- bool m_critical = false;
+ std::shared_ptr<Certificate_Extension> m_obj;
std::vector<uint8_t> m_bits;
- std::shared_ptr<const Certificate_Extension> m_obj;
+ bool m_critical = false;
};
std::vector<OID> m_extension_oids;