rpms
/
sscg
7
0
Fork 0
Code Issues Pull Requests Releases Activity
sscg/SOURCES/0004-Properly-check-all-ret...

64 lines
2.2 KiB
Diff
Raw Blame History

From 9e4497d1dd2a337be1f69e0cfb24ce8080690ccf Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Wed, 28 Nov 2018 09:16:29 -0500
Subject: [PATCH 4/4] Properly check all return values
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
---
src/authority.c | 1 +
src/service.c | 1 +
src/x509.c | 1 +
3 files changed, 3 insertions(+)
diff --git a/src/authority.c b/src/authority.c
index b735868416b7fb5d016f0854baf0f27cd5f98b26..4e0dccc6c1210beffb38acd9f7dfb6108ca4a4ad 100644
--- a/src/authority.c
+++ b/src/authority.c
@@ -178,10 +178,11 @@ create_private_CA (TALLOC_CTX *mem_ctx,
}
sk_X509_EXTENSION_push (ca_certinfo->extensions, ex);
/* Finalize the CSR */
ret = sscg_x509v3_csr_finalize (ca_certinfo, pkey, csr);
+ CHECK_OK (ret);
if (options->verbosity >= SSCG_DEBUG)
{
fprintf (stderr, "DEBUG: Writing CA CSR to ./debug-ca.csr\n");
BIO *ca_csr_out = BIO_new_file ("./debug-ca.csr", "w");
diff --git a/src/service.c b/src/service.c
index b292e94063f032fd3c34a8134702063ea46bfa0c..34c976dbe905528000b181c24d1fa95da3cd1377 100644
--- a/src/service.c
+++ b/src/service.c
@@ -124,10 +124,11 @@ create_service_cert (TALLOC_CTX *mem_ctx,
ret = sscg_x509v3_csr_new (tmp_ctx, svc_certinfo, pkey, &csr);
CHECK_OK (ret);
/* Finalize the CSR */
ret = sscg_x509v3_csr_finalize (svc_certinfo, pkey, csr);
+ CHECK_OK (ret);
if (options->verbosity >= SSCG_DEBUG)
{
fprintf (stderr,
"DEBUG: Writing service certificate CSR to ./debug-svc.csr\n");
diff --git a/src/x509.c b/src/x509.c
index 6d152fc969d745cc5cf085116c8688866f9d6ab4..18f0627bc64e7cb503a9e81c36dbe726186d1144 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -39,10 +39,11 @@ sscg_generate_serial (TALLOC_CTX *mem_ctx, struct sscg_bignum **serial)
{
return ENOMEM;
}
ret = sscg_init_bignum (tmp_ctx, 0, &bn);
+ CHECK_OK (ret);
/* We'll create a random number of sizeof(unsigned long) - 1 bits
to use as the serial. We use unsigned long to ensure that it
could be printed by BN_get_word() later. We omit the last bit
in order to ensure that we can't randomly get 0xffffffffL, which
--
2.19.1
Reference in New Issue View Git Blame Copy Permalink