From d096c06b34b5627f3f4d25bcdc8e6dba10546989 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Thu, 15 Mar 2018 13:54:33 -0700 Subject: [PATCH] bytestring: document that |CBS_get_optional_asn1| can have a NULL output. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On the other hand, the type-specific |CBS_get_optional_asn1_octet_string| must have a valid pointer and we should check this in the “present” case or there could be a lucking crash in some user waiting for an expected value to be missing. Change-Id: Ida40e069ac7f0e50967e3f6c6b3fc01e49bd8894 Reviewed-on: https://boringssl-review.googlesource.com/26564 Commit-Queue: David Benjamin Reviewed-by: David Benjamin CQ-Verified: CQ bot account: commit-bot@chromium.org --- crypto/bytestring/cbs.c | 1 + include/openssl/bytestring.h | 8 ++++---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/crypto/bytestring/cbs.c b/crypto/bytestring/cbs.c index 909512e5..458af380 100644 --- a/crypto/bytestring/cbs.c +++ b/crypto/bytestring/cbs.c @@ -466,6 +466,7 @@ int CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out, int *out_present, return 0; } if (present) { + assert(out); if (!CBS_get_asn1(&child, out, CBS_ASN1_OCTETSTRING) || CBS_len(&child) != 0) { return 0; diff --git a/include/openssl/bytestring.h b/include/openssl/bytestring.h index 39462a97..6ed1644f 100644 --- a/include/openssl/bytestring.h +++ b/include/openssl/bytestring.h @@ -240,10 +240,10 @@ OPENSSL_EXPORT int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out); OPENSSL_EXPORT int CBS_get_asn1_bool(CBS *cbs, int *out); // CBS_get_optional_asn1 gets an optional explicitly-tagged element from |cbs| -// tagged with |tag| and sets |*out| to its contents. If present and if -// |out_present| is not NULL, it sets |*out_present| to one, otherwise zero. It -// returns one on success, whether or not the element was present, and zero on -// decode failure. +// tagged with |tag| and sets |*out| to its contents, or ignores it if |out| is +// NULL. If present and if |out_present| is not NULL, it sets |*out_present| to +// one, otherwise zero. It returns one on success, whether or not the element +// was present, and zero on decode failure. OPENSSL_EXPORT int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, unsigned tag);