diff options
| author | Rob Austein <sra@hactrn.net> | 2006-08-15 20:25:56 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2006-08-15 20:25:56 +0000 |
| commit | adda22c128fa6c9942e64ac8a2c345a67143b1f8 (patch) | |
| tree | 7b3af221f73e447cd041f926f045cea474adf881 | |
| parent | 5f19d765e7ba4bca5d1caf0bc8d4ea7d4be6f911 (diff) | |
Handle policy check at trust anchor
svn path=/openssl/trunk/crypto/x509v3/pcy_tree.c; revision=152
| -rw-r--r-- | openssl/trunk/crypto/x509v3/pcy_tree.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/openssl/trunk/crypto/x509v3/pcy_tree.c b/openssl/trunk/crypto/x509v3/pcy_tree.c index 1c68ce33..511881d7 100644 --- a/openssl/trunk/crypto/x509v3/pcy_tree.c +++ b/openssl/trunk/crypto/x509v3/pcy_tree.c @@ -628,6 +628,16 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, /* Tree OK: continue */ case 1: + if (!tree) + /* + * tree_init() returns success and a null tree + * if it's just looking at a trust anchor. + * I'm not sure that returning success here is + * correct, but I'm sure that reporting this + * as an internal error which our caller + * interprets as a malloc failure is wrong. + */ + return 1; break; } |