diff --git a/snmplib/snmp_openssl.c b/snmplib/snmp_openssl.c index e0e6615f0..dd202f440 100644 --- a/snmplib/snmp_openssl.c +++ b/snmplib/snmp_openssl.c @@ -499,6 +499,8 @@ netsnmp_openssl_cert_dump_extensions(X509 *ocert) extension_name = OBJ_nid2sn(nid); buf_len = sizeof(buf); str = _cert_get_extension_str_at(ocert, i, &buf_ptr, &buf_len, 0); + if (!str) + continue; lf = strchr(str, '\n'); /* look for multiline strings */ if (NULL != lf) *lf = '\0'; /* only log first line of multiline here */ diff --git a/snmplib/snmp_openssl.c b/snmplib/snmp_openssl.c index 01d72afb2..e0e6615f0 100644 --- a/snmplib/snmp_openssl.c +++ b/snmplib/snmp_openssl.c @@ -300,7 +300,7 @@ _cert_get_extension(X509_EXTENSION *oext, char **buf, int *len, int flags) if (!buf_ptr) { snmp_log(LOG_ERR, - "not enough space or error in allocation for extenstion\n"); + "not enough space or error in allocation for extension\n"); BIO_vfree(bio); return NULL; } diff --git a/snmplib/snmp_openssl.c b/snmplib/snmp_openssl.c index dd202f440..7d6db6ae6 100644 --- a/snmplib/snmp_openssl.c +++ b/snmplib/snmp_openssl.c @@ -290,8 +290,11 @@ _cert_get_extension(X509_EXTENSION *oext, char **buf, int *len, int flags) space = BIO_get_mem_data(bio, &data); if (buf && *buf) { - if (*len < space) - buf_ptr = NULL; + if (*len < space + 1) { + snmp_log(LOG_ERR, "not enough buffer space to print extension\n"); + BIO_vfree(bio); + return NULL; + } else buf_ptr = *buf; } @@ -299,8 +302,7 @@ _cert_get_extension(X509_EXTENSION *oext, char **buf, int *len, int flags) buf_ptr = calloc(1,space + 1); if (!buf_ptr) { - snmp_log(LOG_ERR, - "not enough space or error in allocation for extension\n"); + snmp_log(LOG_ERR, "error in allocation for extension\n"); BIO_vfree(bio); return NULL; } @@ -479,7 +481,7 @@ netsnmp_openssl_cert_dump_extensions(X509 *ocert) { X509_EXTENSION *extension; const char *extension_name; - char buf[SNMP_MAXBUF_SMALL], *buf_ptr = buf, *str, *lf; + char buf[SNMP_MAXBUF], *buf_ptr = buf, *str, *lf; int i, num_extensions, buf_len, nid; if (NULL == ocert) @@ -499,8 +501,11 @@ netsnmp_openssl_cert_dump_extensions(X509 *ocert) extension_name = OBJ_nid2sn(nid); buf_len = sizeof(buf); str = _cert_get_extension_str_at(ocert, i, &buf_ptr, &buf_len, 0); - if (!str) + if (!str) { + DEBUGMSGT(("9:cert:dump", " %2d: %s\n", i, + extension_name)); continue; + } lf = strchr(str, '\n'); /* look for multiline strings */ if (NULL != lf) *lf = '\0'; /* only log first line of multiline here */ diff --git a/snmplib/snmp_openssl.c b/snmplib/snmp_openssl.c index 7d6db6ae6..c092a007a 100644 --- a/snmplib/snmp_openssl.c +++ b/snmplib/snmp_openssl.c @@ -284,33 +284,30 @@ _cert_get_extension(X509_EXTENSION *oext, char **buf, int *len, int flags) } if (X509V3_EXT_print(bio, oext, 0, 0) != 1) { snmp_log(LOG_ERR, "could not print extension!\n"); - BIO_vfree(bio); - return NULL; + goto out; } space = BIO_get_mem_data(bio, &data); if (buf && *buf) { if (*len < space + 1) { snmp_log(LOG_ERR, "not enough buffer space to print extension\n"); - BIO_vfree(bio); - return NULL; + goto out; } - else - buf_ptr = *buf; + buf_ptr = *buf; + } else { + buf_ptr = calloc(1, space + 1); } - else - buf_ptr = calloc(1,space + 1); if (!buf_ptr) { snmp_log(LOG_ERR, "error in allocation for extension\n"); - BIO_vfree(bio); - return NULL; + goto out; } memcpy(buf_ptr, data, space); buf_ptr[space] = 0; if (len) *len = space; +out: BIO_vfree(bio); return buf_ptr;