diff options
author | Filipe DA SILVA <fdasilvaYY@gmail.com> | 2015-09-16 22:25:31 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-09-17 11:58:24 -0400 |
commit | 0e04674e964b905e67e3d215bcf888932c92765f (patch) | |
tree | 07009b277704aa716f12cab631c1ec46b56ac441 | |
parent | 20ca916d7db4fe6feada88d0bea1489123339c7c (diff) | |
download | openssl-0e04674e964b905e67e3d215bcf888932c92765f.zip openssl-0e04674e964b905e67e3d215bcf888932c92765f.tar.gz openssl-0e04674e964b905e67e3d215bcf888932c92765f.tar.bz2 |
RT4047: Set reference count earlier
Make sure it's valid very early.
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
-rw-r--r-- | crypto/asn1/x_pkey.c | 3 | ||||
-rw-r--r-- | ssl/ssl_cert.c | 2 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 2 |
3 files changed, 4 insertions, 3 deletions
diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c index 0665aab..961b913 100644 --- a/crypto/asn1/x_pkey.c +++ b/crypto/asn1/x_pkey.c @@ -70,11 +70,12 @@ X509_PKEY *X509_PKEY_new(void) if (!ret) goto err; + ret->references = 1; ret->enc_algor = X509_ALGOR_new(); ret->enc_pkey = ASN1_OCTET_STRING_new(); if (!ret->enc_algor || !ret->enc_pkey) goto err; - ret->references = 1; + return ret; err: X509_PKEY_free(ret); diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 05a4447..ecef7bd 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -192,6 +192,7 @@ CERT *ssl_cert_dup(CERT *cert) return (NULL); } + ret->references = 1; ret->key = &ret->pkeys[cert->key - cert->pkeys]; #ifndef OPENSSL_NO_RSA @@ -278,7 +279,6 @@ CERT *ssl_cert_dup(CERT *cert) } } - ret->references = 1; /* Configured sigalgs copied across */ if (cert->conf_sigalgs) { ret->conf_sigalgs = OPENSSL_malloc(cert->conf_sigalgslen); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 28b7108..e794d82 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -286,6 +286,7 @@ SSL *SSL_new(SSL_CTX *ctx) s->options = ctx->options; s->mode = ctx->mode; s->max_cert_list = ctx->max_cert_list; + s->references = 1; /* * Earlier library versions used to copy the pointer to the CERT, not @@ -372,7 +373,6 @@ SSL *SSL_new(SSL_CTX *ctx) if (!s->method->ssl_new(s)) goto err; - s->references = 1; s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1; if (!SSL_clear(s)) |