diff options
author | Pauli <paul.dale@oracle.com> | 2018-07-03 08:02:37 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2018-07-03 13:14:17 +1000 |
commit | c36b39b5cd685fc5eae84ece247e7873a27d8834 (patch) | |
tree | 1aa8ed67628754752229c02b84c1c489b0354839 /crypto/conf | |
parent | 3bb5e5b09e32defefda2b61087c113203005ffa0 (diff) | |
download | openssl-c36b39b5cd685fc5eae84ece247e7873a27d8834.zip openssl-c36b39b5cd685fc5eae84ece247e7873a27d8834.tar.gz openssl-c36b39b5cd685fc5eae84ece247e7873a27d8834.tar.bz2 |
Check for NULL conf in NCONF_get_number
The problematic case falls back to a NULL conf which returns the result
of getenv(2). If this returns NULL, everything was good. If this returns
a string an attempt to convert it to a number is made using the function
pointers from conf.
This fix uses the strtol(3) function instead, we don't have the
configuration settings and this behaves as the default would.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6632)
Diffstat (limited to 'crypto/conf')
-rw-r--r-- | crypto/conf/conf_lib.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c index c72511b..5f976f3 100644 --- a/crypto/conf/conf_lib.c +++ b/crypto/conf/conf_lib.c @@ -292,10 +292,13 @@ int NCONF_get_number_e(const CONF *conf, const char *group, const char *name, if (str == NULL) return 0; - for (*result = 0; conf->meth->is_number(conf, *str);) { - *result = (*result) * 10 + conf->meth->to_int(conf, *str); - str++; - } + if (conf == NULL) + *result = strtol(str, &str, 10); + else + for (*result = 0; conf->meth->is_number(conf, *str);) { + *result = (*result) * 10 + conf->meth->to_int(conf, *str); + str++; + } return 1; } |