Google Git
Sign in
boringssl/boringssl.git/db638238d29708a20b991af3b2488e45a8bbcf71^!/.
commit
db638238d29708a20b991af3b2488e45a8bbcf71
[log]
author
David Benjamin <davidben@google.com>
Fri Sep 26 14:29:07 2025 -0400
committer
Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Fri Sep 26 12:13:51 2025 -0700
tree
567d8ae03a8e2480fd348ff2fe002564a5413759
parent
2375765eeae11c78eec8c6bf1bdfa53cf86e6ef8 [diff]
Tolerate nullptr in i2d_X509_NAME

This used to be tolerated by way of the general tasn_enc machinery. We
don't support this, but one existing test was relying on this to force
i2d_X509_NAME to fail and exercise that error path. I don't think it's
actually possible, short of malloc failure, to construct an X509_NAME
such that i2d_X509_NAME fails anymore. It's easier to just restore this
artificial failure case than to figure out what, if anything, to do with
their check.

Change-Id: I49bd19e711518756c5ff20230dc4df6c56bf1977
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/82310
Reviewed-by: Lily Chen <chlily@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Lily Chen <chlily@google.com>

diff --git a/crypto/x509/x_name.cc b/crypto/x509/x_name.cc
index 6b10219..ce9b01d 100644
--- a/crypto/x509/x_name.cc
+++ b/crypto/x509/x_name.cc

@@ -304,6 +304,10 @@
 }
 
 int i2d_X509_NAME(const X509_NAME *in, uint8_t **outp) {
+  if (in == nullptr) {
+    OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER);
+    return -1;
+  }
   const X509_NAME_CACHE *cache = x509_name_get_cache(in);
   if (cache == nullptr) {
     return -1;